Apparatus and method for differential backup and restoration of data in a computer storage system

ABSTRACT

Method and apparatus for generating partial backups of logical objects in a computer storage system are disclosed. Changed data blocks are identified and stored as differential abstract block sets. The differential abstract block set may include data blocks in any order and metadata identifying the relative position of the data block in the logical object. The invention includes methods for formatting updated backups using the differential backups.

FIELD OF THE INVENTION

This invention relates to data storage for computers, and moreparticularly to an apparatus and methods for differential backup andrestoration of data in a computer storage system.

DISCUSSION OF THE RELATED ART

Virtually all computer applications (or programs) rely on storage. Thisstorage can be used for both storing the computer code and for storingdata manipulated by the code. (The term “data” refers to anyinformation, including formatting information, executable code and datafor manipulation by an application program.)

Storage technology has developed in a variety of different directions.Accordingly, a wide variety of storage systems are available. It hasbecome impractical, therefore, for the person writing the computerapplication to also be responsible for detailed control over how data isstored on the storage system.

For this (and other) reasons, application programs typically run on anoperating system (e.g., Unix. Windows, MS DOS, Linux, and the manyvariations of each). Once again, however, the operating system may beused with a variety of storage systems.

It would be highly inefficient to have to change the operating system,or the application programs, every time a change is made to physicalstorage. As a result, various layers of abstraction have evolved forviewing how data is actually stored in the storage system.

FIG. 1 illustrates one way of viewing the layers of abstraction. At thetop level 10, the application program may assume that data is stored ina manner that has very little to do with how the data is placed onto thephysical device. For example, the application may view the storagesystem as containing a number of directories and data files within thedirectories. Thus, in an application written for use in the Unixoperating system, the application will assume that files are storedaccording to the Unix directory structure (including hierarchicaldirectories and files located within the directories). This assumedorganization of physical storage may have very little to do with howthat data is actually stored onto the actual storage devices. This viewmay be referred to as the “logical view” because of the separationbetween the logical view of data from the application level is divorcedfrom any view of how the data is physically stored. A logical entity,such as a file, database or other construct, may be referred to at thelogical level as a “logical object.”

The application level 10 interfaces with the file system level 12. Thefile system level is concerned with how files are stored on disks andhow to make everything work efficiently and reliably. Thus, the filesystem level may be responsible for storing directory structure, and forbreaking up files into constituent data blocks for storage onto aphysical storage system. For example, in most implementations of Unix,each file has an associated I-node. This node may contain accounting andprotection information and, additionally, a set of pointers to datablocks.

Relatively early in the development of computer systems, disk drivesbecame a fundamental device for storage. Accordingly, computer operatingsystems have been developed assuming that memory will rely oninput/output (“I/O”) to a disk drive. The file system 12, therefore, mayassume one or more “volumes” which correspond to a physical storage unitsuch as a disk drive (or any other unit of storage), with data stored inblocks on the disk drive.

The demand for storage to be available for use by applications has skyrocketed. As a result, a number of separate physical devices may berequired to accommodate the total amount of storage required for asystem. In addition, storage systems are often changed or reconfigured.

To insulate the operating system from any changes within the physicaldevice storage system, some mechanism is often employed to flexibly mapa standard (volume) view of physical storage onto an actual physicalstorage system. The logical volume manager (“LVM”) 14 of FIG. 1 can helpachieve this function by mapping the file system view of data storageinto an intermediate layer.

Finally, the actual storage reading and writing (and, potentially,additional mapping onto physical storage devices) occurs within thephysical storage system level 16, as illustrated in FIG. 1. Thus, forexample, the logical volume manager may map the file system level viewof data into volume sizes corresponding to fixed physical storagesegment sizes for storage on a physical device (e.g, block sizes). Thephysical storage system level may then map the logical volume managerlevel volumes onto physical storage segments (e.g., hyper-volumesdiscussed below).

Logical volume managers have been implemented for use with the HP-UX byHP and by VERITAS operating systems, as examples. The Symmetrix line ofstorage systems, available from EMC Corporation, of Hopkinton, Mass., isone system capable of mapping hyper-volumes onto physical devices. (TheSymmetrix product line of integrated cached disk arrays is described innumerous publications form EMC Corporation, including the Symmetrixmodel 55xx product manual, p-n200-810-550, rev.f, February, 1996.)

In the above examples, the mapping of application level data into actualphysical storage occurs across four levels: application level to filesystem level; file system level to LVM level; LVM level to physicalstorage system level; and physical storage system level to the actualphysical storage devices. More or fewer levels of mapping can be done.In some systems, for example, only one level of mapping is performed,e.g., mapping from the application level directly onto actual physicalstorage devices. In many systems, the mapping stage at the LVM level isomitted. Similarly, in many systems, no mapping is done at the physicalstorage level (e.g., data is stored directly onto actual devicescorresponding to the format of the preceding level and without anyfurther mapping onto physical storage components.)

FIG. 2A illustrates an example of the mapping that may be performed bythe logical volume manager 14 and the physical storage system 16, tostore data onto actual physical devices. The application/file system'sview of the storage system contemplates three separate storagedevices—volume A 20, volume B 21, and volume C 22. Thus, as far as thefile system level 12 can discern, the system consists of three separatestorage devices 20-22. Each separate storage device may be referred toas a “virtual volume,” or “virtual disk.” This reflects that theoperating system's view of the storage device structure may notcorrespond to the actual physical storage system implementing thestructure (hence, “virtual”). Unlike the application level 10, however,the file system 12 perspective is as if the file system 12 were dealingwith raw physical devices or volumes.

As far as the file system level is concerned, the virtual volumes may bedivided up into “partitions,” which are continuous segments of storage.These partitions are, in fact, “virtual” partitions, because thepartition may actually be stored across a variety of physical storagesegments (e.g., hyper-volumes).

In FIG. 2A, the data is physically stored on the physical storagedevices 24-26. In this particular example, although there are threephysical devices 24-26 and three volumes 20-22, there is not a one toone mapping of the virtual volumes to physical devices. In thisparticular example, the data in volume A 20 is actually stored onphysical devices 24-26, as indicated at 20 a, 20 b and 20 c. In thisexample, volume B is stored entirely on physical device 24, as indicatedat 22 a, 22 b. Finally, volume C is stored on physical device 24 andphysical device 26 as indicated at 21 a, 21 b.

In this particular example, the boxes 20 a-20 c, 21 a-21 b and 22 a-22 brepresent contiguous segments of storage within the respective physicaldevices 24-26. These contiguous segments of storage may, but need not,be of the same size. The segments of storage may be referred to as“hyper-volumes,” and correspond to segments of physical storage that canbe used as components when constructing a virtual volume for use by thefile system. A hypervolume may be comprised of a number of “datablocks.” A data block is a unit of storage (e.g., a 512 byte block) thatis written or read at one time from the physical storage device.

Array management software running on a general purpose processor (orsome other mechanism such as a custom hardware circuit) 23 translatesrequests from a host computer (not shown) (made assuming the logicalvolume structure 20-22) into requests that correspond to the way inwhich the data is actually stored on the physical devices 24-26. Inpractice, the array management software 23 may be implemented as a partof a unitary storage system that includes the physical devices 24-26,may be implemented on a host computer, or may be done in some othermanner.

In FIG. 2A the array management software 23 performs the functions ofboth the logical volume manager 14 (if present) and the physical storagelevel 16, by mapping the file system's virtual volumes 20-22 intosegments that can be stored onto physical devices 24-26. The arraymanagement software 23 also performs the functions of the physicalstorage system level 16, by determining where to store the hyper-volumes20A-20C, 21A-21B and 22A-22B.

The physical storage devices shown in the example of FIG. 2A are diskdrives. A disk drive may include one or more disks of a recording media(such as a magnetic recording medium or an optical recording medium).Information can be written and read from this storage medium for storagepurposes. The recording medium is typically in the form of a disk thatrotates. The disk generally includes a number of tracks on which theinformation is recorded and from which the information is read. Eachtrack may include more than one “data block.” A data block is a unit ofdata that can be read as a single unit. A data block may be a 512 by theblock of data, an 8 k segment on a 32 k track, or some other structure.In these examples, the size of the block is fixed. In other cases, theblock may be of variable size, such as a CKD record. In a disk drivethat includes multiple disks, the disks are conventionally stacked sothat corresponding tracks of each disk overlie each other. In this case,specification of a single track on which information is stored withinthe disk drive includes not only specification of an individual track ona disk, but also which of the multiple disks the information is storedon.

To identify an individual data block, an address may include aspecification of the disk, (which may consist of several “platters”), aspecification of the track within the disk (or “cylinder”), aspecification of the head (or which of the platters comprising the“disk”) and a specification of the particular data block within thetrack. The specification of the position of the data block within thetrack may, for example, be addressed as an offset, e.g., this is thethird data block appearing on the track. Thus, an address ofddccceh:offset may specify a block—disk dd, cylinder cccc, head h andthe specified offset. The physical storage devices for use with thepresent invention may, however, be formed in any other geometry,addressed in any other manner or even constitute a different type ofstorage mechanism.

FIG. 2B illustrates one example of mapping between the top level ofabstraction—the application level—to the actual physical storage level.An application level file 200 includes visual information. Thisinformation is in the form of a conventional file and includes a seriesof bits.

When the application level file is mapped onto physical storage, theapplication level file may be converted into segments of the individualbits, e.g., segment 203. Thus, a segment of the application level file203 is mapped (for example according to the general mapping structuredescribed above with reference to FIG. 1) onto actual physical storagedevices 204-206. In this example, the first segment of bits in 203 inthe application level file 200 is mapped onto physical storage device204, at a portion 208 of the physical storage device 204. As shown inFIG. 2B, the individual segments of bits in the application level file200 may be mapped anywhere among a plurality of actual physical storagedevices. The granularity of the segments of bits (e.g., segment 203) maycorrespond to one of a variety of different levels. For example, thegranularity of the segments may be a 512 byte data block. In anotherembodiment, the granularity may correspond to the amount of data storedin a track of the physical storage device 204-206 (when the physicalstorage devices are disk drives).

FIG. 2C illustrates an example of a logical object 27 that includes sixdata blocks or logical block elements 27 a-27 f. The logical objectitself may be any data structure or collection of data. For example, thelogical object could be a database table, a portion of a file systemfile, or a complete file system file, or any other identifiable logicalobject. Each of the data blocks 27 a-27 f may be a fixed size datablock, or a varying size data block such as a CKD record.

In the example of FIG. 2C, the logical object is stored on a physicalstorage device 28. In this example, the storage device includes a numberof columns, each representing a track of a disk.

Each row of the physical storage device represents a physical data orblock element within the applicable column/track. For example, row 28 a,column 28 b, stores a data block corresponding to the logical blockelement 27 b. Track 28 b would store physical data blocks that have thecontents of logical block elements 27 a and 27 b. As can be seen fromFIG. 2C, the logical block elements can be stored in any order on thephysical devices.

While the physical storage device 28 is illustrated as a contiguousarray, this need not be the case. For example, each of the tracks, suchas column 28 b, may be stored on a different disk drive or be part of adifferent hypervolume.

In a system including an array of physical disk devices, such as diskdevices 24-26 of FIG. 2A, each device typically performs error detectionand/or correction for the data stored on the particular physical device.Accordingly, each individual physical disk device detects when it doesnot have valid data to provide and, where possible, corrects the errors.Even where error correction is permitted for data stored on the physicaldevice, however, a catastrophic failure of the device would result inthe irrecoverable loss of data.

Accordingly, storage systems have been designed which include redundantstorage capacity. A variety of ways of storing data onto the disks in amanner that would permit recovery have developed. A number of suchmethods are generally described in the RAIDbook, A Source Book For DiskArray Technology, published by the RAID Advisory Board, St. Peter, Minn.(5th Ed., Feb. 1996). These systems include “RAID” storage systems. RAIDstands for Redundant Array of Independent Disks.

FIG. 3A illustrates one technique for storing redundant information in aRAID system. Under this technique, a plurality of physical devices 31-33include identical copies of the data. Thus, the data M1 can be“mirrored” onto a portion 31 a of physical device 31, a portion 32 a ofphysical device 32 and a portion 33 a of physical device 33. In thiscase, the aggregate portions of the physical disks that store theduplicated data 31 a, 32 a and 33 a may be referred to as a “mirrorgroup.” The number of places in which the data M1is mirrored isgenerally selected depending on the desired level of security againstirrecoverable loss of data.

In a mirror group, the copies are “linked.” That is, any update to onemirror causes an update to each other mirror in the group.

FIG. 3A shows three physical devices 31-33 which appear to be located inclose proximity, for example within a single storage system unit. Forvery sensitive data, however, one or more of the physical devices thathold the mirrored data may be located at a remote facility.

“RAID 1” is an example of data redundancy through mirroring of data. Ina RAID 1 architecture, a number of different mechanisms may be used fordetermining how to access and update data to improve, for example,performance of the storage system. In any event, a RAID 1 architecturecertainly has the ability to recover lost data. Unfortunately, the RAID1 architecture multiplies the cost of physical storage by the number of“mirrors” included in the mirror group.

FIG. 3B illustrates a solution that requires less added storage. In FIG.3B, data is stored at locations 34 a-34 d. In this particular example,the physical device 33 includes parity information P1 at 35 a, 35 b. Theparity information is generated by a simple exclusive-OR (“XOR”) of thecorresponding bits of data. Thus, the parity information P1 would begenerated by XORing the corresponding bits of the data D1 and data D2.

A variety of mechanisms are known for distributing the parityinformation on the physical devices. In the example shown in FIG. 3B,all of the parity information is stored on a single physical device 33.In other cases, the parity information may be distributed across thephysical devices.

FIG. 4 illustrates the concept that, within a given disk array, there isno need for all of the data to follow the same redundancy rule. In FIG.4, a first group of storage segments on physical devices 40-42 form amirror group 44. In the mirror group 44, the entire contents of a singlelogical volume (HV-A) are mirrored on three different physical devices40-42.

In FIG. 4, a single virtual volume is stored on the fourth physicaldevice 43, without any redundancy information, as indicated at 46.

Finally, a last group of data segments 45, on all four physical devices40-43, implement a parity redundancy scheme. In this particular example,the parity information is stored in segments of memory on two differentphysical devices 42-43, as indicated at 47 a and 47 b.

The storage system of FIG. 4 contains redundant information that permitsrecovery from errors, including use of a mirror for data located at aremote facility, that also permits recoveries from catastrophic failure.

FIG. 5 illustrates one system for additional backup, which may be usedor adapted in accordance with certain aspects of the present invention.In FIG. 5, a computer or client 50 performs its operations using storagesystem 52. The client 50 may be any conventional computing system, suchas a network client available from Sun Microsystems, and running theSolaris operating system (a version of Unix), an HP client running HP-UX(a Hewlett-Packard client, running a Hewlett-Packard version of the Unixoperating system) or an IBM client running the AIX operating system (anIBM version of Unix) or any other system with an associated operatingsystem. The storage system 52 may be any conventional storage system,including a Symmetrix storage system, described above. The client 50 maybe connected to many other devices over a network 56.

A backup storage system 54 is also attached to the network 56. Thebackup storage system 54 includes a backup storage device (which may bedisk drives, tape storage or any other storage mechanism), together witha system for placing data into the storage and recovering the data fromthat storage.

To perform a backup, the client 50 copies data from the storage system52 across the network 56 to the backup storage system 54. This processcan be explained in greater detail with reference to FIG. 1. The storagesystem 52 may correspond to the actual physical storage 16 of FIG. 1.For the client 50 to write the backup data over the network 56 to thebackup storage system 54, the client 50 first converts the backup datainto file data—i.e. gets the data from the physical storage system level16, and converts the data into application level format (e.g. a file)through the logical volume manager level 14, the file system level 12and the application level 10. Thus, an actual data file may becommunicated over the network 56 to the backup storage device 54. Whenthe backup storage device 54 receives the data file, the backup storagesystem 54 can take the application level 10 data file, convert it to itsappropriate file system level 12 format for the backup storage system,which can then be converted through a logical volume manager 14 leveland into physical storage 16.

This form of backing up data may be referred to as “logical—logical”backup. That is, the logical data is backed up on the backup storagedevice 54. The data to be backed up is presented independent of themanner in which it is physically stored on storage system 52 at thephysical storage system level 16, independent of the file system levelmechanisms on the client 50, and independent of how data is stored onthe backup storage device 54.

The EDM (EMC Data Manager) line of products is capable oflogical—logical backup over a network, as described in numerouspublications available from EMC, including the EDM User Guide (Network)“Basic EDM Manual”.

FIG. 6 illustrates one embodiment of an alternative structure for backupof data which may also be used in accordance with the present invention.In the embodiment of FIG. 6, a direct connection 60 is establishedbetween the storage system 52 and the backup storage system 54. In thisembodiment, the backup storage system may be a system as generallydescribed in EMC Data Manager: Symmetrix Connect User Guide, P/N200-113-591, Rev. C, December 1997, available from EMC Corporation ofHopkinton, Mass. The direct connection 60 may be a high speed datachannel, such as a SCSI cable or one or more fiber-channel cables. Inthis system, a user may be permitted to backup data over the network 56,or the direct connection 60.

While the method and apparatus of the present invention may be describedwith reference to the systems and concepts described above and in thediscussion of the related art, this is not intended to be limiting. Thepresent invention has broader application. Certain aspects of theinvention may be applied to any storage system. Accordingly, theinvention is only limited by the claims set forth below.

Whether the restore and backup process is done at a logical level or ata physical level, backups in the prior art require copying a completefile (or in some instances even more, such as an entire partition) forthe backup. Methods of backing up and restoring data on the system ofFIG. 6 are described in co-pending and commonly owned U.S. patentapplication Ser. No. 09/052,579, entitled “Logical Restore From APhysical Backup In A Computer Storage System,” filed Mar. 31, 1998, andnaming John Deshayes and Madhav Mutalik as inventors, and which ishereby incorporated herein by reference in its entirety.

FIG. 7 shows a storage system 70 that may be used as the storage system52 of FIG. 6. The client 50 may be connected to the storage device usinga channel or bus 71. The channel for communication with the client 50can be any suitable connection such as a Small Computer System Interface(“SCSI”) or Enterprise Systems Connection Architecture (“ESCON”). Whileonly one communication channel 71 into the storage system 70 is shown inFIG. 7, other channels may be included. (While the method and apparatusof the present invention may be described with reference to the storagesystem of FIG. 6 and the physical storage system (and associatedfeatures and methods) of FIG. 7, this is not intended to be limiting.The present invention has broader application. Certain aspects of theinvention may be applied to any storage system.)

Within the storage system 70 is a host adapter 72. In this particularembodiment, the host adapter 72 is responsible for managing andtranslating read and write requests from the host computer (e.g., client52 or backup storage system 54), which are based on the virtual diskstructure (e.g., from the file system or logical volume manager level),into one or more requests corresponding to how data is stored on theactual physical storage devices 76 a-76 d of the storage system 70.Thus, in this embodiment, the host adapter 72 implements at least someof the array management software 23 functions of FIG. 2. The hostadapter 72 can be implemented in any of a number of ways, includingusing a general purpose processor or a custom hardware implementation.In addition, multiple host adapters may be included to facilitate havingadditional I/O channels for the storage system 70.

The host adapter 72 communicates with the other components of thestorage system 70 using bus 73. The bus 73 may be any suitablecommunication element, including use of SCSI, ESCON, and other busprotocols.

Access to the physical storage devices 76 a-76 d is controlled throughthe use of disk adapters 75 a-75 d. The disk adapter 75 a-75 d can alsobe implemented using a general purpose processor or custom hardwaredesign. In the embodiment illustrated in FIG. 7, a disk adapter isprovided for each physical storage device. A disk adapter can, ofcourse, have more than one storage device attached to it. In addition,disk adapters may include secondary connections to the physical storagedevices of another disk adapter. This permits recovery from failure ofone disk adapter by shifting its functions to the second disk adapter.

In the embodiment of FIG. 7, reading and writing to the physical storagedevice 76 a-76 d through the disk adapters 75 a-75 d is facilitatedthrough use of a cache 74. The cache 74 may be a random access memoryhaving greater speed than the disk drives. When reading data, if thedata is being temporarily stored in the cache, the read request can befulfilled more quickly by taking the data from the cache 74. Similarly,when writing data, the data to be written can be stored in the cache.The other components of the system can proceed, while the data iswritten from the cache to the applicable physical storage device.

Any of a variety of mechanisms can be used to implement and manage thecache. An example of such a mechanism is included in U.S. Pat. No.5,537,568, entitled “System for dynamically controlling cache managermaintaining cache index and controlling sequential data access,” issuedon Jul. 16, 1996. Similarly, writes may be accomplished through thecache using any of a variety of mechanisms and strategies. One mechanismfor writing from the cache is to store the data to be written in thecache, and mark a “write pending” bit. When the write pending bit isencountered, the applicable data can be written to the disk. Thistechnique is described generally in U.S. Pat. No. 5,341,493, entitled“Disk storage system with write preservation during power failure,”issued on Aug. 23, 1994.

The cache may be divided into more than one area. For example, the cachemay include an area 74 a for storing data being read or written fromphysical storage devices 76 a-76 d. The cache may further include a“mailbox” area 74 b. The mailbox area 74 b may be used to facilitatecommunications among the disk adapters 75 a-75 d and with the hostadapter 72. For example, each disk adapter may have its own area withinthe mailbox 74 b. Each of the disk adapters 75 a-75 d can post or readinformation from the applicable mailbox area 74 b, to communicate statusand other information.

A remote adapter 78 may also be attached to the bus 73 of the storagesystem 70. The remote adapter may be employed for communication withremote data facilities (“RDF”), for example, connection to anotherstorage device to maintain a mirror redundancy group. One form of RDFlink and method of implementation is described in various publicationsavailable from EMC Corporation, including SYMMETRIX Remote Data FacilityProduct Manual, P/N 200-999-554, rev. B, June 1995. RDF embodiments arealso described in U.S. Pat. No. 5,544,347 (Yanai) which is herebyincorporated herein by reference in its entirety. It should beappreciated, however, that the present invention is not limited to theuse of RDF or to a system that employs SYMMETRIX disk arrays, and can beemployed with any of numerous other types of storage systems.

A service processor 77 may be coupled to the bus 73 of the storagesystem 70. The service processor 77 may include a display, keyboard andother I/O devices to permit an operator to use the service processor 77for configuring the components of the storage system 70 and for runningor initiating diagnosis and maintenance facilities.

SUMMARY OF THE INVENTION

According to one embodiment of the present invention, a computer systemis disclosed. According to this embodiment, the computer system includesa host domain that has at least one host computer. The computer systemalso includes a storage domain, coupled to the host domain, thatcomprises a plurality of primary storage devices, a secondary storagedevice and a switched network coupled to the primary storage nodes andto the secondary storage node.

According to another embodiment of the present invention, a computersystem is disclosed that includes a plurality of host computers, each ofthe host computers constituting a different platform. The computersystem further includes a plurality of primary storage devices, eachbeing associated with at least one of the host computers. The systemalso includes a secondary storage device, coupled to a plurality of theprimary storage devices, the secondary storage device being configuredto receive backup data from each of the host computers.

According to another embodiment of the present invention, a method oftransferring, data from a primary storage node to a secondary storagenode is disclosed. According to this embodiment, a connection isautomatically established from one of the primary storage elements to asecondary storage element, for transferring data to the secondarystorage element. Data is transferred from the primary storage elementdirectly to the secondary storage element over the first connection.

According to another embodiment of the present invention, a method ofsending a copy of data from a storage element of a computer system isdisclosed. According to this embodiment, the data is first formulatedinto an abstract block set. The abstract block set is transmitted. Inthis and other embodiments, the steps of formulating and transmittingmay be performed sequentially or concurrently.

According to another embodiment of the present invention, a method ofstoring a logical object is disclosed. According to this embodiment, thelogical object is formulated into an abstract block set and stored.

According to another embodiment of the present invention, a storagedevice is disclosed. According to this embodiment, the storage deviceincludes a memory and means for transmitting an abstract block set fromthe memory.

According to another embodiment of the present invention, a secondarystorage system is disclosed. According to this embodiment, the secondarystorage system includes a secondary storage media and means for storingan abstract block set on the secondary storage media.

According to another embodiment of the present invention, a computerreadable media storing a logical object is disclosed. According to thisembodiment, the media includes a plurality of data blocks, each storingon the readable media a portion of data from the logical object, and ametadata segment, stored on the readable media, to identify the order ofdata blocks in the logical object.

According to another embodiment of the present invention, a method ofgenerating a backup for a logical object is disclosed. According to thisembodiment, data blocks of the logical object that have changed since anearlier point in time are identified. The identified data blocks arestored as a differential abstract block set.

According to another embodiment of the present invention, a storagedevice is disclosed. According to this embodiment, the storage deviceincludes a memory, means for identifying data blocks that have changedsince an earlier point in time and means for transmitting a differentialabstract block set from the memory.

According to another embodiment of the present invention, a method offorming an updated abstract block set is disclosed. According to thisembodiment, a full abstract block set is provided. A differentialabstract block set is also provided. The full abstract block set and thedifferential abstract block set are combined to form the updatedabstract block set.

According to another embodiment of the present invention, a method offorming an updated backup of a logical object is disclosed. According tothis embodiment, a first backup of the logical object is provided. Adifferential backup of the logical object is also provided, thedifferential backup including a plurality of backup data blocks thathave changed since the first backup was formed. The backup data blocksare added to the first backup and metadata identifying an order of datablocks in the updated backup is added.

According to another embodiment of the present invention, a secondarystorage device is disclosed. According to this embodiment, the storagedevice includes a secondary storage media and a controller programmed tocombine a first backup and a differential abstract block set to form afull abstract block set.

According to another embodiment of the present invention, a method ofcopying a logical object is disclosed. According to this embodiment, aset of storage segments of a computer storage device are identified,each of the identified segments including data from at least onephysical block of a logical object. The identified storage segments arecopied. According to this embodiment, at least one of the copied storagesegments includes a plurality of the physical data blocks. Thus, thesize of the storage segment is not necessarily the same as the size ofindividual physical data blocks.

According to another embodiment of the present invention, a method ofcreating a backup of a logical object is disclosed. According to thisembodiment, a set of backup segments is received, each backup segmentincluding at least one physical block of a logical object. The receivedstorage elements are stored, at least one of the storage segmentsincluding a plurality of the physical data blocks.

According to another embodiment of the present invention, a computerreadable media storing a backup copy of a logical object is disclosed.According to this embodiment, a plurality of data segments are stored onthe readable media, each data segment including at least one datablockof the logical object, and at least one of the data segments including aplurality of the logical data blocks. This embodiment further includes ametadata segment, stored on the readable media, to identify data blocksof the logical object in the data segments. In this embodiment, the datasegment may, for example, be a track including a plurality of fixed sizeblocks.

According to another embodiment of the present invention, a computerstorage system is disclosed. According to this embodiment, the systemincludes a computer storage device that includes a plurality of physicalstorage segments (which, in one embodiment, is a track) each storing atleast one datablock. The system further includes means for identifying aset of storage elements, each storage segment of the set including atleast one physical block of a logical object and means for transmittingthe identified storage segments.

According to another embodiment of the present invention, a method ofbacking up a logical object at a fixed point in time is disclosed.According to this embodiment, a set of storage segments that includelogical data blocks of the logical object are identified. These storagesegments are copied to a backup storage device, out of order from theorder of storage segments or logical data blocks appearing in thelogical object. During the copying step, if a storage segment thatincludes a physical block of the logical object is to be modified, thatstorage segment is immediately backed up. In this and other embodiments,the storage segments may (but need not) correspond in size to the sizeof data blocks.

According to another embodiment of the present invention, a computerstorage system is disclosed. According to this embodiment, the systemincludes a computer storage device that has a plurality of storagesegments. The system further includes means for identifying a set of thestorage segments that includes logical objects, logical data blocks;means for copying the identified storage segments, out of order from theorder of logical data blocks and the logical object; and means forimmediately copying storage segments to the backup storage device if anattempt is made to modify a physical block of the storage segment.

According to another embodiment of the present invention, a method ofcopying a logical object to a primary storage device is disclosed.According to this embodiment, a copy of the logical object is provided.Physical blocks of memory in the primary storage device are allocatedfor storing the logical object. A map of the data blocks of the copy ofthe logical object to the physical blocks of the primary storage deviceis created. The data blocks are copied to the physical blocks, based onthe map.

According to another embodiment of the present invention, a method ofcopying a logical object to a primary storage device is disclosed.According to this embodiment, an abstract block set copy of the logicalobject is provided. Physical blocks of memory are allocated in theprimary storage device to store the logical object. The data blocks ofthe copy of the logical object are mapped to the physical blocks of theprimary storage device and the data blocks are copied to the physicalblocks based on the mapping.

According to another embodiment of the present invention, a computerstorage device is disclosed. According to this embodiment, the deviceincludes a memory including a plurality of physical data blocks. Thedevice further includes means for storing the data blocks of an abstractblock set to the physical data blocks, based on a mapping of the datablocks to a set of the physical data blocks.

According to another embodiment of the present invention, a method ofcopying a logical object is disclosed. According to this embodiment, aset of storage segments that includes the logical data blocks areidentified. The storage segments may correspond to the logical datablocks, or may be of a different size. The identified storage segmentsare copied to a second storage device, out of order from the order oflogical data blocks in the logical object.

According to another embodiment of the present invention, a method ofcopying a logical object is disclosed. According to this embodiment, aset of storage segments that includes the logical data blocks of thelogical object are identified. The identified storage segments arecopied to a second computer storage device in parallel. Metadata isprovided to identify the order of data stored in the identified storagesegments in the logical object.

According to another embodiment of the present invention, a method ofbacking up a logical object that includes a plurality of logical blocksis disclosed. According to this embodiment, a first and a second backupmedia are provided. In one embodiment, each backup media is a digitalstorage tape. Logical blocks are written to the first and the secondbackup media in parallel.

According to another embodiment of the present invention, a secondarystorage device is disclosed. According to this embodiment, the secondarystorage device includes a plurality of storage components and means forwriting portions of an abstract block set to the storage components, inparallel.

According to another embodiment of the present invention, a method ofrestoring a logical object is disclosed. According to this embodiment, afirst and a second portion of a copy of the logical object are provided.Data blocks stored in the first portion and data blocks stored in thesecond portion are read in parallel. The logical object is restored fromthe read data blocks.

According to another embodiment of the present invention, a secondarystorage device is disclosed. According to this embodiment, the secondarystorage device includes means for reading data from a plurality ofstorage components, in parallel, and means for providing the read datato another device as an abstract block set.

Each of the above disclosed inventions and embodiments may be useful andapplied separately and independently, or may be applied in combination.Description of one aspect of the inventions are not intended to belimiting with respect to other aspects of the inventions.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates an example of conversion of application level data tostorage in a physical system and vice versa.

FIG. 2A illustrates an example of the relationship between logicalvolumes and physical storage devices.

FIG. 2B illustrates an example of mapping a logical file onto a physicalstorage system.

FIG. 2C illustrates another example of mapping a logical object onto aphysical storage device.

FIG. 3A illustrates an example of mirroring on different physicalstorage devices.

FIG. 3B illustrates an example of redundant parity information onphysical storage devices.

FIG. 4 illustrates an example of multiple redundancy groups within asingle array of storage devices.

FIG. 5 illustrates an example of a backup storage system.

FIG. 6 illustrates one embodiment of a backup storage system thatincludes a mechanism for direct backup of data on the primary storagesystem.

FIG. 7 illustrates an example of a storage system.

FIG. 8 illustrates one example of a computer storage system structuredto have an enterprise host domain and an enterprise storage domain ornetwork, according to one embodiment of the present invention.

FIG. 9 illustrates another example of a computer system including anenterprise host domain and an enterprise storage domain, according toone embodiment of the present invention.

FIG. 10 illustrates one embodiment of a method of copying or backing upa logical object.

FIG. 11A illustrates one example of some of the components of a computersystem that includes a host domain and a storage domain, according toone embodiment of the present invention.

FIG. 11B illustrates another embodiment of components of a computersystem that is divided into a host domain and a storage domain,according to one embodiment of the present invention.

FIG. 12 illustrates one embodiment of a method for copying or backing updata in a computer storage system.

FIG. 13 illustrates one example of mapping a logical object onto aphysical storage device and formation of an abstract block set forcopying or backup, according to one embodiment of the present invention.

FIG. 14 illustrates one embodiment of a method for forming an abstractblock set.

FIG. 15 illustrates one embodiment of a method for copying or restoringa logical object from an abstract block set.

FIG. 16 illustrates one example of combining two forms of metadata for alogical object into a remapping table for restoring the logical objectto a new area of memory.

FIG. 17 illustrates one example of storage of a logical object across acomputer system and formation of an abstract block set using physicalbackup segments corresponding to track size, according to one embodimentof the present invention.

FIG. 18 illustrates an example of one embodiment of metadata for anabstract block set that has a physical backup segment granularity largerthan the size of a datablock.

FIG. 19 illustrates one embodiment of a method for backing up a logicalobject while preventing updates to the logical object during the backup.

FIG. 20 illustrates one example of a system that includes markers forphysical backup segments, permitting avoidance of updating informationwithin a logical object during a backup process, according to oneembodiment of the present invention.

FIG. 21 illustrates one embodiment of a method for performing adifferential backup.

FIG. 22 illustrates one embodiment of tracking changes at the physicallevel of a system, and converting those changes to logical information.

FIG. 23 illustrates an example of performing a differential backup on alogical object, according to one embodiment of the present invention.

FIG. 24 illustrates one example of forming full and differential logicalbackup objects for backup of a logical object, according to oneembodiment of the present invention.

FIG. 25 illustrates one example of combining an abstract block set and adifferential abstract block set into a single full abstract block set,according to one embodiment of the present invention.

FIG. 26 illustrates one embodiment of a method for combiningdifferential abstract block sets with a full abstract block set toproduce a new full abstract block set.

FIG. 27 illustrates one example of a system for backing up data on aprimary storage node, using a secondary storage node, according to oneembodiment of the present invention.

FIG. 28 illustrates one embodiment of a state diagram for anysynchronous transfer of data for copying or backup.

FIG. 29 illustrates one embodiment of a state diagram for asynchronousrestore of a backed up logical object.

FIG. 30 illustrates one embodiment of a system and data flow within asystem for sending copy of backup information from a primary storagenode.

FIG. 31 illustrates one embodiment of a method for sending data from aprimary storage node.

FIG. 32 illustrates one embodiment of a structure and data flow forcontrol of writing information to a backup media.

FIG. 33 illustrates one example of a tape media written with backupabstract block sets.

DETAILED DESCRIPTION

The architectures illustrated in FIG. 5 and FIG. 6 may be viewed asfocusing on a network model for storage, or a “network-centric” system.In such a system, the focus of data transfer is movement of logical dataacross a network. Moreover, the storage system 52 and backup storagesystem 54 are typically associated with a single client or host 50architecture.

An alternative model focuses on a separation of the client or hostdomain and the storage domain.

FIG. 8 illustrates one example of a system which segregates the hostdomain from the storage domain. In FIG. 8, a number of host computers 80are included in an enterprise host domain 80 a. The host computers canbe any type of computers, operating systems and data managementapplications. For example, one host computer 80 may be a Hewlett Packard9000 computer system running an HP-UX Operating System. Another hostcomputer 80 can be a Sun Spark Station running a Solaris operatingsystem. The combination of a host, operating system and applicable datamanagement application is referred to as a “platform.” Each of the hostcomputers 80 may constitute a different platform interfacing with thestorage network 89.

The host computers 80 in the enterprise host domain 88 may be connectedover a network. This network may include switching nodes 81, althoughany other form of network may be used.

In the embodiment of FIG. 8, the host computers 80 are coupled to theenterprise storage 89 through a network or directly to primary storagenodes 82. A primary storage node is a memory device that can storesignificant amount of data for use by the host 80. For example, aSymmetrix system, such as the one described above with respect to FIG.7, may be used as a primary storage node, although this is not intendedas limiting.

In the embodiment of FIG. 8, each host computer is coupled to a subsetof primary storage nodes 82, for use as a main memory for that hostcomputer. For example, host computer 80 a is coupled directly to primarystorage node 82 a. The host computer 80 a may rely on primary storagenode 82 a for most of its memory intensive functions, such as foraccessing a very large database.

The primary storage nodes 82 may also be coupled together through anetwork. In the example of FIG. 8, the network includes link 85 andswitch network 84. The switch network 84 may, for example, be a fiberchannel network. The link 85 may be an RDF link over an ESCON line.

The network between primary storage nodes may serve two purposes. Thenetwork may permit transfer of data between primary storage nodes. Forexample, a database being manipulated by host 80 a, and stored inprimary storage node 82 a, may be transmitted to primary storage node 82b for use by host 80 b. By transmitting the database across theenterprise storage network (using link 85 or switching network 84), thecomputational resources of the host 80 a, 80 b, and the availablebandwidth in the enterprise host domain network, can be preserved.

The enterprise storage network 89 may also include a secondary storagenode 87. The secondary storage node may be used for backup functions,hierarchical storage management, virtual disks and other functions.Thus, the secondary storage node 87 may be coupled to a tape storageunit 83. The secondary storage node 87 would coordinate sophisticatedtransfer of data from the primary storage nodes 82 to the tapes storedin a tape storage unit 83. (Other embodiments may use additional oralternative media for secondary storage.)

FIG. 9 illustrates one embodiment of a computer network constructedaccording to one aspect of one embodiment of the present invention. Inthis embodiment, an enterprise host domain 97 is provided. Theenterprise host domain 97 includes a variety of host computers 90 a-90c. The host computers may include different platforms and differentcorresponding mechanisms for accessing and storing data in the memory.For example, host computer 90 a is a Hewlett Packard HP 9000 computer.Host computer 90 c is a Sun Spark Station which may be running a SolarisOperating System. The host computers may communicate with each otheracross a network 96. Such a network can be one of many computer networksknown and applied for connecting computers.

In the embodiment of FIG. 9, each host computer 90 a-90 e is connectedto a primary storage node 92 a-92 c. In this embodiment, each primarystorage node 92 a-92 c is an iterative cached disk array, such as aSymmetrix memory system such as the one described above with respect toFIG. 7, although this is not intended to be limiting. Thus, for example,host computer 90 a interfaces primarily with storage node 92 a.Similarly, host computer 90 b uses primary storage node 92 a as aprimary source of its data.

In the embodiment of FIG. 9, the host computer 90 a is connected to theprimary storage node 92 a over a high speed fiber channel 91 a. The host90 b, however, is connected to the primary storage node 92 a over astandard SCSI connection. Each of the hosts 90 a and 90 b are coupled tothe same primary storage node 92 a. Other mechanisms could be used toconnect the host computers 90 a-90 e to the primary storage nodes 92a-92 c. For example, a complete switched network could be employed, forany of the host computers to access any of the primary storage nodes 92a-92 c.

Each of the primary storage nodes 92 a-92 c may also be coupled togetherusing a network. In the example of FIG. 9, the only link among theprimary storage nodes is an ESCON remote data facility (ESCON “RDF”)link 93 g. Such a link may be used for transferring of data ormaintaining a mirror of data either on-line or as a periodically updatedmirror. Such a link may be implemented as described in U.S. Pat. No.5,544,347 (Yanai), which is incorporated herein by reference in itsentirety. Each of the primary storage nodes 92 a-92 c may be coupledtogether using any other mechanism. For example, an RDF link could beused to fully connect each of the primary storage nodes 92 a-92 c. Inthe alternative, a switch network could be used, assuming that thenetwork is of sufficiently high speed to support the data operationsamong the primary storage nodes 92 a-92 c.

The storage network 98 in the embodiment of FIG. 9 further includes asecondary storage node 94. The secondary storage node is used for backup(and other) functions, for example by storing and restoring informationto and from a tape library 95.

In the embodiment of FIG. 9, each of the primary storage nodes isconnected or connectable (by a network) to the secondary storage node94. In this example, primary storage nodes 92 b and 92 c are coupled tosecondary storage node 94 each using an RDF link (93 c and 93 drespectively) which may be implemented as described above.

The primary storage node 92 a is connected (together with other primarystorage nodes, not shown) to the secondary storage node 94 over aswitched network, which will permit each of the systems to access thesecondary storage node 94.

Using an RDF (or other) link that permits high speed transfer of dataover long distances, the primary storage nodes 92 a-92 c and thesecondary storage device 94 may be physically located at great distancesapart.

Of course, other topologies and other mechanisms may be used withoutdeparting from the scope of the invention.

Many of the applications for computers now focuses as much or more onmemory than on the ability of the system to perform computations. Forexample, access to very large databases has become an extremelyimportant and valuable application for computers.

In the past, the focus of computer systems has been on interconnectinghost computers each having their own associated memory, or providingnetwork access to a single memory. This focus demands host computer andnetwork resources.

In the storage-centric model, however, the storage component of thecomputer system is elevated to a status of equal importance. In such amodel, the storage components of the system are capable interacting witheach other with less involvement from the host domain. For example, itmay be desirable to permit mirroring across one or more primary storagenodes. Similarly, data objects may need to be copied from one primarystorage node to another primary storage node. Where additional levels ofbackup are desirable, the primary storage nodes may also transfer datato a secondary storage node for backup purposes. The primary storagenodes may, correspondingly receive data from the secondary storage nodesfor restore. In a storage centric model, some or all of the resourceintensive functions in such a system can be moved out of the hostdomain. Certain embodiments following this model can preserve hostdomain resources, increase scalability of memory (by adding to thestorage domain without as much concern about affect on host domainresources) and reduce dependence on the particular platforms of thehosts in the host domain.

FIG. 10 illustrates, at a very basic level, how data is moved in onesuch system. At a step 100, the physical elements (e.g., data blocks)that need to be copied, backed up or restored are identified. At a step102, those physical elements are transferred.

For example, for a copy, the physical elements that are to be copied areidentified at step 100. In addition, the location of where the elementsare to be copied to are identified. For a copy between primary storagenodes, this may involve identifying the copy from locations and thecopied to locations. For a backup, this involves identifying the copyfrom locations and may be as simple as determining what tape or otherbackup storage element will receive the backup data.

For a copy between primary storage nodes, the physical elements aretransferred from the identified copy from locations to the identifiedcopy to locations. For a backup, the physical elements are copied totapes. (Although reference is made to tapes as secondary storage, thisis not intended to be limiting. Any other storage media may be used).

The step 100 can, however, be extremely complicated. In many cases, itis not desirable to copy the entire contents of a primary storage node.Rather, only a subset of the physical elements in the primary storagenode may need to be copied. As one example, consider backing up adatabase stored in primary storage node 92 a of FIG. 9. This databasemay occupy only a small portion of the total data stored in the primarystorage device 92 a—in fact, there may be an extremely large segment ofdata accessible primarily by the host computer 90 b which host 90 a maynot even be capable of reading (because it is a different platform thanthe host computer 90 a).

In short, it may be desirable to backup a logical object stored within aprimary storage node. In this case, the step 100 requires mapping thelogical object onto the physical elements in the primary storage node 92a in order to identify the physical elements that need to be copied from92 a. As described above with reference to FIG. 2C, these physicalelements may be located in disparate locations within the primarystorage device.

The step 102 may similarly be complicated. Even after all of thephysical elements in the primary storage device have been identified,simply transferring the physical elements is insufficient. Therelationship between the physical elements may need to be preserved forthe copied or backed-up logical object to be read by the host computercoupled to the receiving primary storage node. One mechanism for use ofmapping a logical object to physical elements and preserving the logicalrelationship between those physical elements is discussed below. This isnot intended as limiting with respect to other aspects of the presentinvention.

In any event, under a storage-centric model of computer storage, it maybe desirable to permit as much of the data transfer process (e.g., theone shown in FIG. 10) to be performed within the storage network—andwithout requiring resources from the host domain. Accordingly, theprimary storage nodes and the secondary storage nodes in the network mayinclude sufficient intelligence to handle aspects of the data transferprocess. For example, the primary storage nodes may be capable, at aminimum, of managing the transfer of identified physical elements in alogical object even when those physical elements are stored in disparatelocations within the primary storage device. In a storage centric modelof a computer system, it may be desirable to move some (or as much aspossible, in some cases) of the data transfer functions to be performedusing resources among primary and secondary storage nodes within thestorage domain.

The computer system may include a storage management application(“SMAPP”) for managing manipulation of storage within the storagedomain. The SMAPP can be implemented using software on the hostcomputers, primary storage nodes, a separate storage controller or insome combination of these, as described below with reference to FIGS.11A and B, below.

The storage management application can be implemented using threeprimary components—a management component, server component and clientcomponent.

The management component controls configuration of the backup, controland monitoring of the backup and copying processes in the storagedomain. The management component also tracks location of copies oflogical objects in the storage system including, for example, what tapeor tapes contain backups of each particular logical object.

The server component controls the hardware functions of the memoryprocess, such as acts of mounting and dismounting tapes, opening andclosing, reading and writing tapes and other memory media.

The client component of the SMAPP handles manipulation andidentification of the backup or copy-from source. For example, theclient component is responsible for identifying the applicable logicalobject (e.g., file system, file or database) and determining whatoperating system level (or logical volume manager level) physicalelements are involved. (As described above, an additional layer ofmapping may be performed within the storage domain at the primarystorage element of 111. For example, if the primary storage element 111is a Symmetrix product as described above, the identified physicaltracks may be re-mapped within the primary storage element 111.)

FIG. 11A illustrates one example of a portion of a computer systemhaving a host domain and a storage domain. In the example, only one host110 is shown in the host domain. In addition, only three components areshown in the storage domain. These are the primary storage element 111(which may be, for example, a Symmetrix disk array), a secondary storageelement 112 and a tape library unit 113. As described above, additionalstorage elements may be included, coupled together by a network. Forsimplicity, the example of FIG. 11A shows only one element from each ofthree different storage levels—host, primary storage element andsecondary storage element.

In the example of FIG. 11A, a storage management application (“SMAPP”)114 is primarily a resident on the host computer 110. Thus, the hostcomputer would include an Application Programming Interface (“API”)which would permit management of copying, backup and restore (and other)operations. In addition, the storage management application 114 on thehost 110 includes a server component 115 b. Again, the host wouldinclude an API permitting management of server operations. Finally, thestorage management application 114, in this example, includes a clientcomponent 115 c. The client component would be responsible foridentifying and manipulating logical objects and identifying (from theoperating system or logical volume management level view of) thephysical elements that comprise the logical object.

For simplicity, the operation of performing a backup from the primarystorage element 111 to the secondary storage element 112 will bedescribed. A similar process would apply for setting up mirroring orcopying functions between primary storage elements in a network.

In this example, the primary storage element includes an SMAPP interface116 a. Similarly, the secondary storage element 112 includes an SMAPPinterface 116 b. The copying of a logical object from the primarystorage element 111 to the secondary storage element 112 in theembodiment shown in FIG. 11A may proceed as follows. First, a “virtualcircuit” or “connection” is set up between the primary storage element111 and the secondary storage element 112. This may be a virtual circuitestablished through a network coupling the primary storage element tothe secondary storage element 112 (including a single RDF link betweenthe primary storage element 111 and the secondary storage 112, forexample). In addition to establishing a physical connection between thenodes, the virtual circuit identifies a session for copying a series ofdata (comprising, e.g., the logical object) over the identifiedconnection.

Thus, the management component 115 a on the SMAPP 114 on the hostcomputer 110 may begin a backup session by instructing the primarystorage element to establish a virtual circuit with the secondarystorage element 112. The actual establishment of the virtual circuit maythen be performed by the SMAPP interface 116 a of the primary storageelement 111 in combination with the SMAPP interface 116 b of thesecondary storage element 112.

The client component 115 c of the host computer 110 identifies a logicalobject for backup. The client component 115 c then maps that logicalobject to the operating system (or a logical volume manager level) setof physical elements. This mapping may be performed in one step. Theclient component 115 c of the host 110 may then identify the elementsfor copying to the primary storage element 111, as communicated throughthe SMAPP interface 116 a.

The server component 115 b of the host 110 would identify and mount theappropriate tapes in the tape library unit 113. In this particularexample, the server component 115 b performs these commands by passingthem to the SMAPP interface 116 b of the secondary storage element 112,through the SMAPP interface 116 a of the primary storage element 111,which then mounts the tapes.

The actual performance of the backup process may proceed, withoutfurther control by the host 110 of the host domain (except, in someembodiments, monitoring the process and managing the backup media, e.g.,controlling changing of tapes in a tape drive). The primary storageelement 111 may copy the identified physical segments to the secondarystorage element 112.

FIG.11B illustrates an alternative structure for control of the storagedomain of a computer system according to the present invention. In thisexample, a storage network controller 118 a is connected to the host110, primary storage element 111 and secondary storage element 112through a network 119. This network, for example, may follow the TCP/IPprotocol. The storage network controller 118 a may be any hardware, orhardware and software, combination capable of performing the requisitefunctions. For example, the storage network controller 118 a may be acomputer running a windows NT operating system, with suitableapplication software for performing the SMAPP functions.

In this example, a significant portion of the SMAPP software is residenton the storage network controller 118 a. Thus, the SMAPP 118 b of thestorage network controller 118 a includes a management component and aserver component. Thus, management of the hardware and media can beperformed by the storage network controller 118 a, independent of thehost computer 110.

In this example, the host 110 includes an SMAPP 117 to perform clientfunctions. Thus, logical to physical mapping is still performed in thehost domain by the host computer 110. As the client component of theSMAPP 117 is responsible for identifying logical objects and performinglogical to physical mapping, this can be a sensible arrangement. Thelogical to physical mapping depends on the particular host platform andthe host necessarily has elements capable of performing the requisitemapping.

In other embodiments, however, the client component can be included inthe storage network controller 118 a, or in a separate device capable ofperforming logical to physical mapping for one or more platforms. Wherethis is done, the identification and transfer of data for copying andbackup purposes can be performed completely separately from the hostdomain. In many systems, however, it will be more efficient to use thememory mapping mechanisms (client component) on the host computer.

Other arrangements of the SMAPP software are possible. For example, thecomponents of the SMAPP software may be distributed across the primarystorage elements in the storage domain, the secondary storage element orelements in the host domain or some combination thereof.

FIG. 12 illustrates one embodiment of a method for transferring alogical object according to a system such as the one shown in FIGS. 11Aand 11B. At a step 120, a virtual circuit is established. As describedabove, this may correspond to establishing a physical connection betweenthe element being copied from (e.g., a primary storage element) to thestorage element being copied to (e.g., a secondary storage element). Inaddition, this step 120 corresponds to establishing a session forperforming the copying over the connection. As described above, theestablishment and managing of the virtual circuit can be performed by anSMAPP component resident on a host computer, storage network controller,or other device.

At a step 121, the logical object is mapped to identify the physicalelements being copied from. For performing a backup, this wouldcorrespond to mapping an identified logical object at the applicationlevel to a set of physical elements at the storage level.

To restore from a tape, this would correspond to identifying the logicallocations of the segments of memory on the tape. If the tape contains alogical bit file, this step is straightforward. No actual mapping needsto take place. In other circumstances, such as the abstract block setsdescribed below, a table or other structure may identify the mapping ofportions of the physical elements to their order in the logical object.The actual mapping from the logical level to the physical level may havebeen performed at the time of the backup and saved.

At a step 122, update to physical elements is prevented. For example, ifa database is being backed up from a primary storage element to tape,updates of the logical object should be prevented so that the backup cancorrespond to a single point in time. Of course, if the copying is froma backup tape to a primary storage element, the freezing of updating thephysical elements is rather simple—the tape will not be written while itis being read from in the restore. In one embodiment, a method forconcurrent copying described below may be used to prevent the update ofphysical elements during the copying process.

At a step 123, the copy-to memory is managed. For a backup from aprimary storage element to tape, this may correspond to mounting anddisbounding the appropriate tapes, as well as managing the tape library,catalog information, as well as writing appropriate tape headers andtrailers. Where the information is being copied to another primarystorage element, this may correspond to managing the receiving physicalelements of the primary storage element being copied to. In addition, itmay involve setting up an appropriate storage area to receive theinformation.

At a step 124, the actual physical elements are copied. The copying maybe done in the appropriate order for the logical object, such as when anordinary data file is sent at the application level between two hostcomputers. In the context of a backup, one such system is described inU.S. patent application Ser. No. 09/107,679, which is incorporatedherein in its entirety. In an alternative embodiment, the physical datablocks may be copied out of order, together with appropriate metadataidentifying the correct order of the physical elements in the logicalobject. An embodiment of this type of system is described below.

At a step 125, the physical elements of the logical object, in thecopy-from memory, are unfrozen—allowing updates of the logical object.The backup is complete and the physical elements can be unfrozen.

Finally, at a step 126, the virtual circuit may be closed.

Logical Object Translation to Abstract Block Sets

As described above, there are at least two different ways of passingdata blocks of a logical object to a storage element—transferring theblocks in order as a logical object (as is done over a network betweenhost computers) and a pure physical copy (which may not preserve thelogical relationship among the data). Each of these possibilities hasadvantages and disadvantages. For example, copying each data block of alogical object in order preserves the relationship between data blocks.On the other hand, copying the blocks in order may result in delays asthe storage elements sequentially retrieve the data blocks or sort thedata blocks for writing, as a part of the copy process. On the otherhand, pure copying of physical elements can be unnecessarily slow ifunused physical elements are copied. In addition, the logicalrelationship between the data blocks that are copied may be lost.

An alternative is to use an abstract block set structure, as describedmore fully below. This type of structure is useful not only in thestorage network architecture as described above, but has greaterapplicability. For example, the abstract block set concept may beemployed in any system where logical objects are copied from one storageelement to another storage element. The abstract block set can also beused to particular advantage when used for backing up and restoring datafrom a secondary storage device, such as a tape drive.

The abstract block set permits storage of the data blocks in any order.The abstract block set includes information about the ordering of thoseelements.

FIG. 13 illustrates one example of an abstract block set. From theapplication perspective, a logical object 130 includes a number of datablocks 130 a-130 f (ordinarily a logical object may includesubstantially more data blocks, FIG. 13 being by way of illustrationonly). The data blocks having a logical relationship or order, asillustrated by labels A-F in the logical object 130.

The logical object is stored in a physical memory 131, as generallydescribed above with reference to FIG. 2C. Each column may be viewed asa track (although this is not intended as limiting), and each row as arow of blocks within the tracks. As shown in FIGS. 2C and 13, thelogical data blocks may be scattered throughout the physical memory 131.

An abstract block set 132 may be constructed from the data blocks 130a-130 f. In the abstract block set 132, the data blocks are notnecessarily stored in the same order as they appear in the logicalobject. In this example, they are in a random or pseudo-random order.(As a practical matter, the order of data blocks may reflect the waythat the data blocks are stored in a physical storage 131. For example,if data blocks A and B are stored on one track they would probably beread and written to abstract block set 132 in the order they appear onthat same track. The abstract block set 132 appearing in FIG. 13 is forillustration only.)

Because the logical data blocks are not in order in the abstract blockset 132, it may not be possible to reconstruct the logical object givenonly the data blocks 132 a-132 f.

Accordingly, the abstract block set 132 includes metadata 133. Themetadata is any recorded information that provides a mechanism toreconstruct the order of logical data blocks as they appear in thelogical object 130.

In the example of FIG. 13, the metadata 133 includes an ordering oflogical block elements (the column labeled LBEL) with the physicalelement location. Thus, logical block element 1 has metadatacorresponding to the address of that logical data block in the physicalmemory 131—the physical element address. Using the metadata illustratedat 133, each of the stored data blocks 132 a-132 f in the storedabstract block set 132 would need to include a label with thecorresponding physical address. Thus, for example, to locate the firstlogical data block 130 a of the logical object 130, one could examinethe metadata 133 and determine that the first abstract block set (asshown in the first column of the metadata 133) has a physical addressADDR-A. This data block could then be found in the abstract block set132 by examining the physical addresses of the data blocks 132 a-132 f(the physical addresses appearing within the data blocks 132 a-f), untilthe appropriate block is found.

Of course, there are a variety of other formats that could be used forthe metadata. As one example, a label other than the physical addresscould be used. As another the metadata 133 could just describe the orderof the logical block elements in the abstract block set 132. In thiscase, the second column of the first row of the metadata 133 couldindicate that the first logical data block (corresponding to A) isstored as the sixth block in the abstract block set 132.

For each of these alternatives, the first column of the metadata 133 isnot required. The order of the elements in the second column correspondsto their location within the logical object 130; the address for thefirst logical block element appears first in the table, the address forthe second logical data block appears as the second entry in the secondcolumn, etc.

Metadata 134 illustrates another way of storing the metadata associatedwith the logical block 132. In this table of metadata, a first columncorresponds to the ordering of data blocks as they appear in theabstract block set (as above, unnecessary as the order that the rowsappear implies this information—the first row is the first block in theabstract block set). The second column indicates the position of thedata block within the logical object 130. Thus, the first entry in thefirst row of the metadata 134 corresponds to the data block 132 a of theabstract block set 132. This is the second data block 130 b of thelogical object 130. Accordingly, the second column has a “2” indicatingthat this data block 132 a is the second data block of the logicalobject 130. The last column of the metadata 134 provides the physicaladdress for the applicable data block in the physical memory 131.

Using the metadata shown at 134, there would be no need to store thephysical address of the data block with (or other tag) with the datablocks as stored with the abstract block set 132.

As above, using the metadata 134, it is not strictly necessary to storethe physical address within physical memory 131 of the applicable datablock. This may, however, be useful information to include within themetadata 134. In many cases, restores will be made to the same memorylocations from which the information was backed up. In this case, itwill be easier to restore to those addresses in the physical memory131—that information was not available. Otherwise, a logical to physicalmapping step may be required to determine again where the appropriateaddresses are for the restored data blocks.

Other formats of metadata may be used. For example, metadata may betracked for extents (sequences of blocks) rather than individual blocks.

FIG. 14 illustrates one embodiment of a method for copying a logicalobject to form an abstract block set as described above. At a step 140,the logical object is identified. As described above, the logical objectcan be any logical entity, such as a database, a segment of a database,file, or file system.

At a step 141, the logical block elements or logical data blocks of thelogical object are identified. This may precede as generally describedabove.

At step 142, the logical block elements are mapped to physical backupsegments. The physical backup segments may correspond to the physicalelements that store the logical data blocks. In the event that theabstract block set is to include metadata of the form illustrated attable 133, the mapping step 142 may include formulating that informationinto whatever format the metadata is stored in.

As described above, the steps 140-142 may be performed by a clientcomponent of a storage management application. In some systems, this mayrequire the resources of a host computer.

The remainder of the copying process may proceed without significantinvolvement of the client component of the storage managementapplication.

At a step 144, is to determine whether all physical backup segments havebeen copied. If so, the copying process is complete at step 145.

If not all of the physical backup segments have been copied, the nextavailable backup segment is copied at step 146. As described above, thiscopying need not be performed in the order appearing in the logicalobject identified at step 140.

In the event that the metadata is being stored as shown at table 134 ofFIG. 13, then the metadata may be updated after the applicable backupsegment has been copied into the medium holding the abstract block set.For this form of metadata (but not the form shown at 133 of FIG. 13).This may not occur until the applicable backup segment is copied to themedium storing the abstract block set because, until that time, theorder of appearance for the applicable physical backup segment is notknown.

FIG. 15 illustrates one embodiment of a method for restoring an abstractblock set to a memory system, such as the primary storage node describedabove.

At a step 150, the metadata for the abstract block set is retrieved.This may be in the form of a map for the abstract block set such asthose illustrated at 134 of FIG. 13 or may be a set of labels associatedwith the individual data blocks stored in the abstract block set, suchas in table 133 of FIG. 13.

At a step 151, memory is allocated in the target storage device forreceiving the logical object. The amount and configuration of the memoryrequired to receive the logical object can be determined from themetadata for the abstract block set. Thus, the metadata will includesufficient information to determine the characteristics of storagerequired. For example, in the event that the abstract block setindicates use of fixed size blocks, the total number of (fixed size)blocks required to store the logical object can be determined by thenumber of entries and a metadata table or maybe separately stored as apart of the metadata for the abstract block set.

At a step 152, dummy metadata is created for the newly allocatedphysical memory for the logical object to be restored. The result can bea new table such as the one shown at 133 of FIG. 13.

At a step 153, a re-mapping table is created. The re-mapping tablespecifies a correspondence between the data blocks of the abstract blockset is the source of data and the allocated data blocks in the physicalmemory. An example of a re-mapping table is described with reference toFIG. 16. Although shown in tabular form, the data can be stored in otherforms and formats.

At a step 154, it is determined whether all of the physical backupsegments have been restored from. If so, the restore is complete at astep 155.

If not, at a step 156, the next physical backup segment is retrieved. Ata step 157, the location and the newly allocated memory for receivingthe logical object is determined. This can be done by examining there-mapping table created at step 153. In addition, the retrieval ofsegments done at step 156 need not be in any specific order. There-mapping table permits restoration of the entire logical object evenwhen the data blocks are provided in a random order.

At a step 158, the data from the physical backup segment is restored tothe appropriate locations. Steps 154-158 then continue until all of thedata blocks have been properly restored.

FIG. 16 illustrates an example of creation of a re-mapping table. Ofcourse, many variations on the creation of re-mapping table arepossible, depending on how the metadata is formulated and stored for theabstract block sets.

In FIG. 16, metadata 160 is provided for the abstract block set that isserving as the source for the restore. This table corresponds to themetadata 133 of FIG. 13.

FIG. 16 also illustrates dummy metadata 161 for the allocated memorythat will receive the restored logical blocks of the restored logicalobject. In this embodiment, the format is the same as that for themetadata 160, except that different addresses (potentially on acompletely different storage element) are provided. Thus, for the firstrow in metadata 161, the first logical data block should be stored atthe physical location specified at ADDR-AA.

A simple merging of these two tables can result in a re-mapping table162. The remapping table 162 specifies the physical location from thedata in the abstract block set and the destination for the that logicaldata block.

Of course, other formats may result in other tables. For example, itwould be possible not to specify any physical addresses in there-mapping table 162. The re-mapping table could simply map thesequential location in the abstract block set being restored from to thephysical address or to the sequential location on the receiving storageelement.

In other embodiments, each entry in the metadata remapping table maycorrespond to extents in the physical memories restored from and to.

Physical Backup Segment Granularity

In the discussion with respect to FIGS. 13-16, it was assumed that thebackup, copy and restore was performed at the data block level. Thus,the physical backup segment corresponded in size to the size of a datablock. Those data blocks that are part of the logical object, and onlythose data blocks were copied for backup and were restored.

Granularity of the physical backup segments need not, however,correspond to the granularity of the data blocks. For example, a trackmay store a number of physical data blocks. In some instances, not allof the data blocks within a track are necessarily a part of the samelogical object. Thus, in a track that stores four data blocks, only twoof those data blocks maybe a part of a logical object, the other twodata blocks being unused or part of a different logical object. Backingup of data in a logical object may, however, be performed at the tracklevel rather than the physical data block level. The result would be anabstract block set that includes some data blocks that are not a part ofthe logical object.

Thus, in the preceding example, the physical backup segment sizecorresponds to the size of a track. The actual physical data blocks thatmay store the data of a logical object are smaller, e.g, four datablocks per physical backup segment of one track.

FIG. 17 illustrates the concept of a physical segment size (here, atrack) that is larger than the size of the physical data blocks. In theexample of FIG. 17, a logical object 170 is stored on a physical devicethat includes tracks. Each track holds (in this example) up to threedata blocks.

At the application level, the logical object 170 is viewed as acontinuous file. This file may be partitioned into a number of logicaldata blocks, shown in FIG. 17 as vertical bars within the logical object170.

At the file system level, a file system image 171 holds that data ineach of the logical data blocks of 170. As shown in the file systemimage 171, the order of the logical data blocks at the file system levelmay not correspond to the order of their appearance within the logicalobject 170. As described above, a mapping process maps the logical datablocks to appropriate locations within the file system image 171.

The file system image 171 may be mapped to a logical volume ofhypervolume level 172 a-172 b.

The logical volumes 172 a-b are then stored on a physical storage devicein hypervolumes 173 n and 173 o. As shown in FIG. 17, the hypervolumesmay not be physically adjacent. (Of course, as described above, othertechniques for mapping the logical data blocks of the logical object 170to the physical storage device are possible and within the scope of thepresent inventions.)

The first hypervolume 173 n stores data across seven tracks 173 a-173 g.These tracks may, but need not, be contiguous segments of memory.

In this example, the entire track 173 b contains physical data blocksthat are part of the logical object 170 (given the assumption that onlythree data blocks are stored per track). The track 173 d, however,includes only one data block that is a part of the logical object170—the other data blocks in the track 173 d either being unused orcontaining data belonging to a different logical object. In addition,some of the tracks within the hypervolume 173 n do not contain any datafrom logical object 170, e.g., tracks 173 a, 173 c and 173 f. Thehypervolume 173 o similarly contains some tracks that include data fromthe logical object and some tracks that do not.

Given that the physical backup segment granularity is chosen to be tracksize in this example, the physical segments that would be part of abackup process would include tracks 173 b, 173 d, 173 e, 173 g, 173 i,and 173 k. These tracks make up the physical backup segment set (here, a“trackset”) that would be copied when the logical object is backed up.Since, in the example of FIG. 17, the physical backup segmentgranularity is by tracks, this may be referred to as a track set.

Thus, the track set for a backup of logical object 170 would includetracks 174 a-174 g, which in turn correspond to those of the physicaltracks 173 a-173 m that include data blocks from the logical object 170.

The backup process using a physical backup segment size that isdifferent than the data block size can proceed generally as describedwith reference to FIG. 14. At step 142, however, identification of thephysical backup segments includes not just identifying the logical blockelements but using the identified logical block elements and theirphysical data block locations to determine the physical backup segmentset, e.g., the track set 174 a-174 g of FIG. 17.

In addition, the copying of the available backup segments at step 146would involve copying the larger granularity segment (e.g., a completetrack rather than just the particular physical data blocks on thetrack). As in FIG. 14, the physical backup segments (e.g., tracks) maybe copied in any order.

Returning to FIG. 17, an abstract block set signature track 175 may bestored. This signature track includes the metadata for the abstractblock set. In this embodiment, specification of the metadata for theabstract block set may include a specification of the particular datablocks in the abstract block set and their location within the logicalobject 170.

FIG. 18 shows one example of metadata 180 for an abstract block set thathas a physical granularity greater than the size of the physical datablock. In this example, the location of each data block is specified.The first column is a specification of the data block within the logicalobject—e.g., first, second, third, fourth data block.

The second column of the metadata 180 specifies the physical address ofthat logical object. In this example, that physical address includes aspecification of where within the physical backup segment the applicabledata block is located. For example, this information may be included asan offset within the physical backup segment. Thus, an address ofdd:cccc:h:offset includes a specification of the physical backup segment(dd:cccc:h), which in this example specifies a track and a locationwithin that physical backup segment (track), and an offset. For example,the first row of metadata 180 corresponds to the first logical datablock in the logical object. It also happens to appear as the first datablock in the specified physical backup segment address, e.g., as anoffset from the beginning of the physical backup segment (here, a track)of just zero. The second row of the metadata 180 specifies the sameaddress, but has an offset of 1—it is a data block appearing in thatphysical backup segment (track) immediately following the data blockcorresponding to the first logical data block of the logical object.

In this example, it may be assumed that the track that includes thefirst two logical data blocks (first two rows of metadata 180) hasadditional room within the track, but that those additional data blocksin the track are not a part of the logical object. Accordingly, there isno entry in the metadata table 180 specifying a corresponding logicaldata block for that portion of the track. (In an alternative embodiment,of course an entry could be made which indicates that that portion ofthe track is unused in this abstract block set.)

As described above with reference to FIG. 13, many other forms andformats for storing metadata may be applied.

Restoring (or copying) from an abstract block set that has a physicalbackup segment granularity larger than the data block size may proceedas generally prescribed above with reference to FIG. 15. At step 157,however, the locations of the logical data blocks within the backupsegment are identified—including determining whether any portions ofthat backup segment may be omitted. At step 158, only those data blocksthat are actually used in the logical object are restored.

Selecting a physical backup granularity larger than the size of datablock can require transfer of more memory than if the physical backupsegment size is the same as the data block—some unused data blocks areincluded as a part of the copy or backup process.

A larger physical granularity size can, however, result in certainadvantages. For example, less overhead may be required in the copyingprocess—fewer segments for copying need to be specified. In addition,other resources may be preserved. For example, if high demand memory isused for storing information identifying the physical backup segments tobe copied, less such memory is required. In the event that the physicaldata blocks of logical objects are prevented form being updated during acopy or backup process, this can be done by protecting updates at thephysical backup segment level rather than the data block level—againrequiring less overhead. In some systems, this can reduce the complexityof avoiding updates. Some embodiments of the invention employingdifferent physical backup granularity than data block size may achievesome or all of these advantages, depending on the context and system inwhich it is implemented. None of these advantages is intended to limitthe scope of the invention, which is defined by the claims below.

Concurrent Copy or Snapshot Facility.

As described above with reference to FIG. 12, certain systems embodyingone or more aspects of the present invention will allow copying orbackup, of a logical object at a specified point in time. To do this,updates to the logical object need to be prevented during the copying orbackup process. There are many ways to do this, including taking theapplication that uses the logical object off-line until the backupprocess is complete. While certain embodiments of the present inventionwill use this and other techniques, it may be advantageous to be able tocontinue processing during the backup.

FIG. 19 illustrates one embodiment of a method for performing a backupwhile preventing updates to those physical data blocks that are part ofthe logical object being backed up.

At a step 191, the logical object (or system using the logical object)is quiesced. There are at least two ways to quiesce the system. One wayis to take the application off-line, and update the logical objectoff-line. This prevents any further updates (or reads) to the applicablelogical object. Taking the application off-line can beundesirable—resulting in loss of time and system availability.

An alternative way of quiescing a system is to place the application inon-line backup mode. For example, if the application is using an oracledatabase, writes to the database can be stored in a re-do log, ratherthan actually writing the data to a physical storage system. When theapplication is brought back to on-line mode, the updates to the logicalobject that are stored in the re-do log may then be applied to thecurrent copy of the logical object.

At a step 192, those physical backup segments that contain data from thelogical object are marked for copying. This may be done in a number ofways. For example, a bit may be associated with each potential physicalbackup segment in the system. The bit may be set to a “one” if thecorresponding physical backup segment is part of a logical object to becopied. Of course, the methods for identifying the physical backupsegments that are part of the abstract block set being copied can beused. As just one example, a list of the physical backup segments couldbe maintained.

FIG. 20 illustrates an example of a system having bits associated withphysical backup segments. In the example of FIG. 20, the physical backupsegment size is a track of the physical memory 28, such as column 28 b.A logical object 27 is stored across the physical memory 28. A series ofbits 29 is associated with the tracks of the physical memory 28. A oneis set for those tracks (physical backed up segments) that are part ofthe track set for the logical object. Thus, the second bit of the bitset 29 is set at one, reflecting the fact that track 28 b is included inthe track set for the logical object 27. If the physical backup segmentgranularity were a data block, a bit could be associated with each datablock—at higher overhead.

Returning to FIG. 19, the application using the logical object can bereturned to the active state. This may, for example, involve the step ofreturning the application to on-line mode from off-line mode. If theapplication was held in on-line backup mode, any elements in the re-dolog may be applied to updating the logical object.

An attempt to write to a physical backup segment included in this set ofsegments to be backed up will, however, momentarily stall. Before thewrite takes place, that segment is copied or backed up, e.g., accordingto the illustrative embodiment described below.

At a step 194, it is determined whether there is a hit on a physicalbackup segment that is included in the backup segment set in theabstract block set. If so, that segment is copied out of turn—and beforethe update is made. After the segment has been copied, that segment canbe unmarked—further updates may be allowed for that segment. After thesegment has been unmarked, the update may be performed. Processing willthen continue at step 194 in case there are additional hits (attempts towrite to) a physical backup segment included in the abstract block set.

The copying of the segment may occur directly to the target (receivingprimary storage element or receiving secondary storage element such as atape) or may be copied to a cache for later copying to the targetdestination of the abstract block set.

If there are no pending hits on the physical backup segments of thelogical object that remain to be copied, then processing may thencontinue at a step 196. At this step, it is determined whether all ofthe physical backup segments have been copied. If so, the formation ofthe abstract block set is complete and processing may conclude at step197.

If there is additional copying to be done, the next available physicalbackup segment may be copied, at a step 198. Where abstract block setsare used, which permit the physical backup segments to be included inany order, the selection of the next segment may focus on whicheversegment is next available, independent of order.

As before, after the segment has been copied, it may be unmarked.Accordingly, any incoming writes to that segment, which occur after thesegment has been copied, may be performed—even if the backup process iscontinuing with other physical backup segments.

In situations where the physical backup segment granularity is largerthan the physical data block size, a write may occur to a physicalbackup segment that does not correspond to a write to a logical object.For example, consider a physical backup segment that has one physicaldata block that is in the logical object that is being backed up andthree other physical data blocks that belong to other logical objects. Awrite to one of the physical data blocks corresponding to differentlogical object would trigger backup of the physical data segment, eventhough the logical object being backed up is not being updated.

One alternative for handling such a circumstance is to examine eachwrite to a marked physical backup segment to determine whether the writeis to a physical data block that is a part of the logical object. Whilethis method may be employed in some embodiments of the presentinvention, it can incur a heavy overhead penalty in the event of writesto physical backup segments.

In an alternative embodiment, the physical backups segments are treatedthe same whether or not a write occurs to a physical data block in thelogical object being copied or the physical data block in a differentlogical object. The overhead associated with this alternative may not begreat, particularly if implemented in a system where the copied physicalbackup segments are being stored in an abstract block set that permitsphysical backup segments to be transferred in any order.

In most cases, it will be easiest to mark and prevent updates toportions of physical memory based on physical backup segmentgranularity—e.g., using tracks on a disk for physical backup segmentsize and also for marking and preventing premature updates to the storedlogical object. Other alternatives may be implemented. As just oneexample, in a disk system, tracks could be used as physical backupsegments, but prevention of updates marked or tracked at the data blocklevel (rather than the track level).

Differential Backups.

Systems similar to FIG. 5 and FIG. 6 conventionally backup an entirelogical construct or element (“logical object”) specified by the user.For example, a user may specify a partition to be backed up. When thisis done, the entire partition is copied to the backup storage system.Similarly, the user may specify a database or file to be backed up. Inthis case, the entire database or file is copied to the backup storagesystem.

This can require a significant amount of time, which is ultimatelyunnecessary. For example, an extremely large file may be backed up atone point in time. A second backup may then be performed at a latertime. Very little of the file may have been changed between the twobackups. Generating a new backup of the complete file can, therefore, bewasteful.

FIG. 21 illustrates one embodiment of the present invention for creatinga differential backup. A differential backup is a backup of only aportion of a logical object, based on what has been changed duringoperation of the computer system.

At a step 470, a level zero backup is performed. A level zero backup isa complete backup of the logical construct. For example, a level zerobackup of a file backs up the entire file. A level zero backup of a(virtual) partition backs up this entire partition. Thus, a level zerobackup can be used to restore the logical object without any furtherinformation.

At a step 472, the system tracks changes in data from the last levelzero backup. For example, referring to FIG. 2B, the segments thatincluded any changed data may be tracked. If segments 1, 3 and 5 includedata that was changed, a corresponding bit or other record could be setindicating that these segments have changed (and not the others). Asdescribed more fully below, the segments may be defined by how the datais physically stored (e.g., by storage blocks) rather than based onlogical level information, and may (but need not) correspond to thegranularity of physical back-up segment of abstract block sets or thegranularity of physical segments marked to prevent updates.

At a step 474, those data segments that have been changed are backed up.By backing up only changed data segments, rather than the entire file,the generation of the backup may be performed much more quickly. Oneembodiment of a method for storing and recovering files using records ofjust changed data segments is discussed below. This backup may bereferred to as a “differential backup” because less than all of thelogical data blocks are backed up, e.g., some data segments that havenot been changed are not backed up.

At a step 476, it is determined whether a new level zero backup shouldbe generated. If not, the system continues tracking changes from thelast level zero backup, at step 472. In this embodiment, therefore, thedifferential backup generated at step 474 always records changed datafrom the last level zero backup—not from the last differential backup.An alternative embodiment is to track changes from the last differentialbackup.

If a new level zero backup is to be generated, at a step 478, thetracking of changed data is reset. This may be performed, for example,by resetting “change bits” associated with the data segments, describedbelow. While this is done, the system may be taken off-line or placed inbackup mode to assure that data is not changed while the change bits arebeing reset (and the level zero backup performed). When a new level zerobackup is performed, future changes will be tracked from that level zerobackup rather than an earlier one.

In another embodiment, resetting tracking of changed data may beperformed alter the step 474 of backing up changed data segments. Inthis case, each differential backup tracks changes only from the lastdifferential backup. As discussed below, to restore data when this isdone, multiple differential backup files may need to be examined, ratherthan just the one differential backup performed at the time of interest.

The complete or level 0 backup may be performed as described above. Forexample, an abstract block set may be created, using physical backupsegments stored in any order, together with metadata as the level ofbackup.

The step 472 may be performed at either the logical or the physicallevel. At the logical level, the client 50 may track the segments thatinclude changed data. At the physical level, the storage system 54 maytrack which segments of data have been changed. In either case, thesegments of data may correspond to physical segments of data that arestored on the storage system, rather than units of data (e.g., fileswithin a partition) determined at the logical level and associated witha logical construct.

The physical segment may be a 512 byte block that is written to or readfrom the physical storage device at one time. In another embodiment, thegranularity of the physical segment may be the amount of data stored ina track of the physical storage devices used (particularly when thephysical storage devices are disk drives). The size of this may dependon the particular format for storing data in applicable operatingsystem. For example, in a fixed block architecture environment, thetrack may be 32 kilobytes (64 SCSI blocks). On IBM main framesimplementing a count-key-data (“CKD”) system, the segment size may bethe size of one CKD track. As above, the granularity of the physicalsegments for which changes are recorded may, but need not, correspond tothe physical backup segment size or the granularity at which updates areprevented during the copying or backup process. In many cases, however,it will be most efficient to use the same granularity for each of thesefunctions, e.g., using a physical track on a disk for the granularity ofthe entire system.

In certain embodiments, the changed segments may be tracked at thephysical storage level. Thus, whenever a physical segment is written toa physical storage device, the fact that the segment was changed can berecorded. This may be done using a single bit associated with eachphysical segment. When the system is initiated, all of the bits are setto zero (for example). When a physical segment is changed (or written),the associated bit may be set.

Thus, referring again to FIG. 2B, data changes may be tracked at thelevel of the actual physical storage devices 204-206. When data ischanged in one of the data segments, a bit may be set (or some othermechanism used) to track that that segment has been changed. Forexample, if data is changed within the first segment of the applicationfile at the application level, e.g., 203 a, the data in actual physicalstorage device at 208 will be modified. A bit (or other mechanism)associated with data segment 208 will be set when this write isperformed.

FIG. 2 illustrates one example of a system that includes a bitassociated with physical storage segments. For example, physical storagedevice 201 a includes six physical segments. An associated physical bitmask 412 sets a bit for each physical segment that has been changed. Inthis example, segments 114 a and 114 b have been changed. Accordingly,the associated bits 412 a and 412 b of the physical bit mask 412 havebeen set to one. On inquiry, the physical bit mask may be read andoutput to a client (e.g., client 50 of the system illustrated in FIG.5).

The actual physical storage devices 204-206 may, but need not, have anyidea of what is being done at the application level. In this embodiment,the physical storage devices need only be aware that data within theapplicable segment of data (e.g., 208) is being modified.

(While many of the embodiments described herein use bit masks torepresent changes in data, e.g., a physical bit mask or a logical bitmask, other mechanisms (lists being just one example) may be used.)

In the embodiment described above, the changes to data segments aretracked at the physical storage level (although, in alternativeembodiments, the changes could be tracked at any of the other levels,e.g., the application level, file system level, logical volume orlogical volume manager level, as illustrated and discussed with respectto FIG. 1).

In one embodiment of performing a “differential” backup, data aboutchanges at the physical level is converted to correspond to changes atthe logical (e.g., application file) level. The differential backup thenstores the data at the logical level.

FIG. 22 illustrates one way of tracking changes at the physical leveland converting that to the logical level. In this embodiment, a bit mask412, 413 and 414 is associated with each actual storage device 204-206.

When data is written to a data segment, a corresponding bit and thecorresponding physical bit mask is changed from a zero to a one.Accordingly, at any point in time, the physical bit masks indicate allof the data that has been changed since the last backup. As describedabove, the actual physical storage devices 204-206 may not know how thiscorresponds to logical objects at the application level. Indeed, theactual physical storage devices may have no way to determine what datasegments are associated with each other. As indicated in FIG. 22, inthis embodiment, data segments 114 a-114 d have been changed.Accordingly, corresponding bits 412 a, 412 b, 412 c, 412 d in bit masks412, 113 and 114 have been set to one. (Other data segments in theactual physical storage devices may also have been changed, but are notshown in FIG. 11).

A logical bit mask 410 may be constructed, which indicates what datasegments within the application level file have been modified. Thus,logical bit masks 410 may include entries 410 a-410 d indicating thatthe corresponding data segments 411 a-411 d have been altered. (In analternative embodiment, the segment changes may be tracked at thelogical level, even though the segment size corresponds to a physicalstorage amount, such as block or track size.)

The logical bit mask 410 can be constructed using mapping 202. Inparticular, the mapping 202 may convert the application level object toa group of data blocks in the actual physical storage (as this needs tobe done to store the application level file in physical storage in thefirst place). Thus, the mapping 202 may be performed using the samemechanisms for mapping application level data into physical storagedevices (through, e.g., levels 10, 12, 14 and 16 of FIG. 1). Thephysical bit masks associated with these data segments on actualphysical storage may then be examined. A logical bit mask can beconstructed by setting each entry in the logical bit mask to a one onlywhere the actual physical storage device indicates that that datasegment has been changed.

FIG. 23 illustrates one embodiment of the method for performing adifferential backup of an abstract block set. In this embodiment, theaffected memory in the actual physical storage devices is firstquiesced, at a step 231. Quiescing the memory assures that no additionaldata is modified within the application level file. Quiescing may beperformed as generally described above, e.g., by taking the applicationoff-line or placing the application in on-line backup mode.

At a step 232, a logical to physical mapping is performed to determinewhich physical data segments within the physical storage device are ofinterest. The step 232 may be performed as generally described above.That is, using the application, file system and logical volume manager(where present, and additional levels of mapping if present) to map allof the data segments within the application file onto physical storage.As described above, this may map the object all the way down to actualphysical storage. In other embodiments an additional level of mappingmay occur before reaching the actual physical devices storing data; forexample, in a Symmetrix product as described above, the Symmetrixproduct may present what appears to be a three volume storage device.This Symmetrix product could present chance data based on that threevolume set. On the other hand the way the data is actually physicallystored within the Symmetrix may not correspond to that three volume setprovided to the application or operating system level. Thus, anadditional level of mapping for both data segments and bit masks may beperformed within the storage device.) The granularity at which thechanges to data is tracked may be based on the size of the data blocksor on a different granularity, such as the size of physical backupsegments. For example, change data may be tracked corresponding tophysical tracks, when the physical data block size is less than anentire track.

At a step 233, the physical data segments that have been changed sincethe last time mark are identified. This may be done by examining thephysical bit masks associated with the physical storage devices. Anyentry marking changed data in the physical bit mask that corresponds toa physical backup segment within the application that includes aphysical data block in the applicable logical object corresponds to datathat may have been changed. At step 232, a logical bit mask may beconstructed, such as the logical bit mask 410 of FIG. 22.

At a step 234, a differential abstract block set is created. This stepinvolves copying only those physical backup segments that may includechanged data. In one embodiment, as for the abstract block sets above,the abstract block set may record the physical backup segments in anyorder.

Accordingly, at a step 234, metadata for the differential abstract blockset is also stored. This metadata records information sufficient toidentify the applicable location of the physical data blocks stored inthe differential abstract block set within the logical object beingbacked up or copied.

Finally, at a step 236, the application is returned to active mode. Thatis, the system is allowed to continue updating the physical data blockson the actual physical storage devices.

As described above, before returning the system to active mode, the bitscorresponding to the backed up data segments on the actual physicalstorage device may be reset to zero. This is only done if thedifferential backups are being performed with respect to the lastdifferential backup. Otherwise, the bits may only be reset after theconstruction of the real (or merged, as described below) level zerobackup.

FIG. 24 illustrates an example of creation of a differential abstractblock set according to the method of FIG. 23. The logical object 240includes five physical data blocks. (For simplicity, the physical backupsegment and physical data block size are assumed to be the same in FIG.24. As above, however, the physical backup segment size may be a sizethat is larger than the physical data blocks.)

At an earlier point in time, an abstract block set 242 was formed. Asabove, the abstract block set stores each of the logical data blocks oflogical object 240, but in any order. The abstract block set 242 mayinclude metadata, specifying the locations of the data blocks within thelogical object.

After the abstract block set 242 was formed, additional changes may havebeen made to the data within the logical object 240. In this example,logical bit mask 241 reflects those changes. In particular, logical bitmask 241 indicates that the second and last logical data blocks withinlogical object 240 have been changed.

The differential abstract block set 243 stores those data blocks thathave been changed (the second and the fifth). As described above, thesemay be stored in any order. The differential abstract block set mayinclude metadata for the differential abstract block set. In the exampleof FIG. 24, the metadata is of the same general format as the metadatafor the full abstract block set 242. The metadata includes an extracolumn, however, that specifies which of the logical blocks have beenchanged since the last backup (again, the second and the fifth, in thisexample).

To restore a logical object from a full abstract block set backup and adifferential abstract block set, the two may be combined or merged. Infact, all abstract block set and one or more differential abstract blocksets may be merged at any point in time, off-line. This permitsformation of a synthetic full abstract block set that reflects the stateof the logical object at the point in time when the differentialabstract block set was formed.

FIG. 25 illustrates an example of this merging process, using theexample of FIG. 24. As can be seen, the original data blocks 242 a-b ofthe whole abstract block set 242 have been updated in the differentialabstract block set 243. Accordingly, in the merged abstract block set253, these data blocks have been replaced with the updated version.

FIG. 26 illustrates one embodiment of a method for performing thismerging process. In the embodiment of FIG. 26, one or more differentialabstract block sets may be present. More than one differential abstractblock set may be present if, for example, differential abstract blocksets are formed reflecting changes since the last differential abstractblock set was created (rather than forming differential abstract blocksets to reflect all changes since the last full backup). Of course, thismethod will work with only one differential abstract block set as well.

At a step 260, the most recent full or differential abstract block setis selected. Of course, this selection is made from those logicalobjects that were recorded before the target restore time (differentialabstract block sets more recent than the target restore time reflectmore recent data than should be restored.) At a step 261, all of thelogical data blocks that are not in the merged abstract block set areappended to the merged abstract block set.

Referring to FIG. 25, the first abstract block set selected at step 260is the differential abstract block set 243. As there are no blocks inthe merged abstract block set yet, the two data blocks of differentialabstract block set 243 are added to the merged abstract block set253—corresponding to the first two data blocks 253 a-b.

At a step 262, it is determined whether all of the differential and fullabstract block sets have been examined. If not, processing continues ata step 260.

Returning to the example of FIG. 25, the next abstract block set to beselected is the full abstract block set 242. At step 261, those logicaldata blocks that are already in the merged LBO may be added. Thiscorresponds to each of the data blocks, other than 242 a and 242 b.

At this point, once all of the abstract block sets have been examined,processing continues at a step 263. At step 263, the metadata for themerged abstract block set is created. Using the example of FIGS. 25 and24, the metadata may be of the same format—the physical address of thelogical block elements has not changed. Accordingly, the metadata is thesame. In other embodiments for formatting metadata, the metadata tablemay be updated and correspondence with its format.

The merged abstract block set may be used for copying and restore in thesame manner as an original, level zero abstract block set.

Primary to Secondary Storage Node Transfers, Example of One SecondaryStorage Node.

As described above with respect to FIGS. 11A and 11B, one aspect ofstorage systems involves transfer of data from primary storage elementsor nodes to secondary storage elements or nodes.

FIG. 27 illustrates one example of a particularly advantageous mechanismfor transferring data from a primary storage node to a secondary storagenode for storage on tape. This example embodiment and the components ofFIG. 27 are useful both in the context of the other inventions describedabove (although not limiting with respect to those inventions), as wellas useful for systems implemented independent of those inventions.

FIG. 27 includes a primary storage node 270. This may be, for example, aSymmetrix storage system as described above. In such a system, a hostadapter 270 a may be provided for communication with a host. Diskadapters may provide an interface with the disks. A remote adapter 270 cmay handle communications with remote devices, whether through a SCSIlink, an ESCON link, a fiber channel, a switched network, or some othercommunication channel. In addition, a cache 270 b may be provided forcaching received and transmitted data.

FIG. 27 also illustrates a secondary storage node 271. In thisembodiment, the secondary storage nodes has a plurality of data movingelements 271 a, 271 b, 271 e and 271 f. In this embodiment, the datamoving elements are arranged in pairs—a front end and back end pair. Forexample, data mover 271 a may be a front end data mover—primarilyresponsible for receiving data from a primary storage node. The frontend data mover 271 a may be paired with a back end data mover 271 e. Theback end data mover is responsible for moving data from the secondarystorage node to the backup media.

As shown in FIG. 27, more than one pair of front end and back end datamovers may be provided for parallel transfer of data. In this example,two pairs are shown—271 a-271 e, and 271 b-271 f.

The actual backup media in the example of FIG. 27 is a tape library 272(other backup media may be used in other embodiments). The tape librarymay include a plurality of tape drives 272 a-d, each of which is capableof reading and writing data from a tape (and which may include anappropriate communications adapter, e.g., a SCSI adapter). The tapelibrary 272 may also include robotics 271 f capable of selecting tapesfrom a tape library 272 g and inserting those tapes into the drives 272a-272 d. A robotics interface 272 c may control the selection process.

Returning to the secondary storage node 271, the secondary storage nodemay include an internal storage device 271 c for buffering data receivedfrom the front end data mover (e.g., 271 a), before being written totape by the back end data mover (e.g., 271 e) during a backup (or,conversely, for buffering data during a restore by placing the data inthe internal memory 271 c (by a backbend data mover 271 e) andforwarding the data to a primary storage node (by front end data mover271 a).

The data movers 271 a, 271 b, 271 e and 271 f may be Intel basedpersonal computers, running software permitting the data movers totransfer data from the primary storage node to the tape library unitduring backup, and vice versa during a restore.

As described above, the data movers are configured in pairs, e.g., frontend data mover 271 a and back end data mover 271 e. Each pair of datamovers may be used to define one or more virtual circuits or streams.

The front end data mover (e.g., 271 a) may be connected to the primarystorage node 270 using any of a variety of connections. For example, inthe example of FIG. 27, two ESCON cables are used to connect each frontend data mover to the ports of a remote adapter of a single primarystorage node (e.g., a Symmetrix storage device).

In the example of FIG. 27, the back end data movers 271 e, 271 f areconnected to the tape library unit 272 using SCSI cables. In thisexample, each SCSI connection goes to a single read/write drive 272a-272 d of the tape library 272. Of course, the SCSI connections may bedaisy chained, permitting more than one drive to be connected to eachback end data mover port. Other connections could be used, includingother links or even a switched network.

The internal storage memory 271 c may itself be an iterative cached diskarray, such as a Symmetrix. Thus, a Symmetrix product may be included asan internal caching memory for movement of data from the front end tothe back end. The internal memory device 271 c may include a serviceprocessor, such as a laptop personal computer for local control of theinternal storage device 271 c. The internal storage device may alsostore the operating system and application programs running on the datamovers 271 a, 271 b, 271 e, 271 f and the control station 271 g.

The control station 271 g may be an Intel machine, running any of anumber of operating systems, such as SCO UNIX. The control station 271 gmay also include a keyboard and screen for local operation of thecontrol station 271 g.

The control station 271 g controls operation of the data movers 271 a,271 b, 271 e and 271 f. The control station 271 g includes controllersoftware 271 b to perform this function. The controller 271 b also isused for system configuration and monitoring system performance. Thecontrol station 271 g includes a database 271 i (which may, in thealternative, be stored on the internal memory 271 c). The database 271 istores information about all pending backup streams or sessions, thecontents of tapes in the tape library unit and other control informationfor managing the backup process and backup media.

The control station 271 g may also include an interface 271 j formanipulating and controlling the robotics of 272 c, 272 f of the tapelibrary unit 272.

As described above, the primary storage node 270 may be used as theinterface between host connectors (e.g., host computers connected tohost adapter 270 a) and secondary storage node, 271. In theseembodiments, and where the storage management application residesprimarily on the host computer, the primary storage node 270 may be usedto pass commands from the host computer to the secondary storage node271. Such commands may include instructions directed to mounting anddismounting tapes, reading and writing tape headers and trailers andother commands.

The primary storage node 270 may simply pass appropriate commands to thesecondary storage node 271. In the alternative, the primary storage node270 may perform some functions based on those commands, such as formatchecking.

As described above, the backup restore process can be performed byestablishing a virtual channel between a primary storage node 270 andthe tape library 272, through the secondary storage node 271. Asdescribed above, this may involve formulating a connection through anetwork between primary storage node 270 and secondary storage node 271.This may also involve establishing a connection with a tape drive 272 aand applicable tapes 272 g.

FIG. 28 illustrates one example of a state diagram for a secondarystorage node, such as node 271, for establishing and maintaining avirtual channel. At state 280, a backup control stream session (orvirtual channel) is requested by the storage management application(e.g., on the host computer). Establishment of the virtual channel mayinvolve selecting an appropriate front end and back end data mover pair,e.g., front end data mover 271 a and back end data mover 271 c.

A function to be performed by the storage management application mayrequire opening a tape. The result would be to place the secondarystorage node 271 into state 281—virtual channel beginning of tape. Thistransition would involve mounting the appropriate tape, using similartechniques to what is known in the art. At the beginning of tape state281, tape headers and trailers may be read or written, as a part of thetape management process.

When it is time to record information on the tape, the secondary storagenode 271 (or at least the applicable data movers within the secondarystorage node) enter the virtual channel write state 282. When in thisstate, the recording part of a backup is performed, such as writing oneor more abstract block sets, or portions of an abstract block set, totape.

If the end of a tape is encountered, the applicable data movers in thesecondary storage node 271 enter the virtual channel end of tape state284. In this state, the applicable catalog information may be read andan appropriate tape trailer written. When the end of the tape isencountered (or end of data), the applicable virtual channel needs toclose that tape, returning the data movers and the secondary storagenode to the initial state when the channel was formed—state 280.

If an error is encountered, during writing from state 282, the virtualchannel can enter into an error state 283. The tape may be closed(returning to state 280), an error log created, and a system operatornotified.

As discussed above, the storage management application is responsiblefor issuing the appropriate commands to change the state of thesecondary storage node 271. The storage management application may beresident on the host computer, primary storage nodes, separate networkstorage controller or even on the secondary node 271.

FIG. 29 illustrates a state diagram for the secondary storage node 271for restoring information from tape. The state diagram begins at state291, where a request to open a virtual channel has been received. Thestorage management application handles the opening of tapes, for exampleby requesting a tape open for the backup channel stream. This results inentering the virtual channel beginning of tape state 292. As before,this can include tape header and trailer reads as well as reading ofabstract block set metadata, for systems using abstract block sets.

The actual reading of data can be controlled using a tape read command,causing the secondary storage node 271 to enter into the virtual channelread state 293. At end of tape (or data) or log-out, the secondary nodemay return to the virtual channel end of tape state 292. The tape maythen be closed, returning the secondary storage node 271 to the virtualchannel opened state.

If an error is encountered during reading, the node 271 may enter theerror state 294, similar to the error state described above withreference to FIG. 28. When an error occurs, the tape may be closed, anerror log created, and the system operator notified.

For both backup and restore, the cataloging and identification of tapescan be handled by the storage management application, as is done forother mechanisms for formatting data stored on a storage system. Thecontrol station 271 g of the secondary storage node 271 assists inidentification and mounting and dismounting of the appropriate tapes,using the control station database 271 i.

The backup and restore state diagrams of FIGS. 28 and 29 constituteexample embodiments of placing the system (e.g., the primary storagenode and of the secondary storage node) in an asynchronous transferstale. In particular, the nodes of the storage domain enter a statewhere data is transferred independent of control from any host computeror host domain element, even when much of the storage managementapplication process (and software) is being performed on the hostcomputer.

Certain embodiments of this facet of the invention allow the advantageof independent control and transfer of copying, backup and restore. Incertain embodiments of the invention, this can alleviate the dependenceon particular host platforms and conserve host resources. Certainembodiments of this aspect of the present invention also allow forincreased scalability—allowing addition of memory, with less dependenceon host configuration.

One Embodiment of Data Transfer.

FIG. 30 illustrates one embodiment of an architecture for a primarystorage node that facilitates transfer of data to a secondary storagenode or to another primary storage node. This embodiment (as well asothers) may be used to implement one or more of the above inventions.

FIG. 30 illustrates a primary storage node 300. The primary storage node300 includes a remote adapter 301, as generally described above withreference to FIG. 7. The primary storage 300 also includes a diskadapter 305, also configured as generally described above with respectto FIG. 7.

Data is stored among a plurality of disks within the primary storagenode 300, one of which is shown in FIG. 30—disk 306.

The disk 306 may include protection bits, as described above withreference to FIG. 20. These protection bits may be used to designatetracks to be copied—and also tracks which should not be updated beforethey are copied. The protection bits 307 may be stored, in oneembodiment, on a cylinder header for the disk device 306. The diskdevice 306 may also include a physical bit mask (not shown) as generallydescribed above with reference to FIG. 22. Other mechanisms may be usedfor marking or recording, which tracks are protected.

In the embodiment of FIG. 30, the disk adapter 305 receives instructionsfrom the storage management application as to what physical backupelements (here, which of the tracks 308 a-e) are part of the backupprocess. The disk adapter may then write the protection bits at the timeof backup is initiated.

Those physical backup segments (e.g., tracks 308 a, 308 b and 308 e)that were designated as part of a backup process may then be copied to aside file 303 in a cache 302 of the primary storage node 300. Thus, theside file 303 may receive the designated tracks 308 a, 308 b and 308 cfor copying to another storage node. The side file, therefore, maycontain copies 303 a-c of these tracks.

In addition, the disk adapter 305 may post, to a request queue, arequest that the physical backup segments that have been copied to theside file 303 be transferred to another node. Thus, requests 304 a-c maybe posted in the request queue 304, corresponding to those physicalbackup segments in the side file 303.

The remote adapter 301 may pickup requests from the queue and transfercopies of the applicable track to the receiving storage node, e.g., asecondary storage node.

The applicable storage backup segments held in the side file 303 may bepart of more than one copy of backup process being performed. Forexample, more than one abstract block set may be in the process of beingbacked up over more than one virtual channel connected to the remoteadapter 301. In this case, the applicable metadata for the abstractblock set can be used to identify a specific abstract block set andvirtual channel for the copying or backup process.

In an alternative embodiment, the receiving storage node may classifyphysical backup segments based on the abstract block set to which theybelong. For example, the front end data movers described above couldreceive physical backup segments corresponding to tracks, including aphysical address for the track. The front end data move may be aware ofthe metadata for the abstract block set, which was formulated by thestorage management application (which identified all of the physicallocations for the applicable logical object being backed up). This wouldpermit the front end data mover to classify the physical backup segmentbased on its physical address.

Of course, a variety of alternative structures and methods could beemployed for transfer through a side file. As just one example, thephysical backup segments could be sorted into separate side files foreach abstract block set (or other structure) being copied or backed up.In addition, side files may be used to accumulate segments of data fortransfer. For example, a side file could be created that includes atleast ten megabits of data before transfer through the remote adapter301 to a secondary, or other, storage node.

FIG. 31 illustrates one embodiment of a method for using the structureshown in FIG. 30. At a step 310, the protection bits (307 of FIG. 30)are marked for physical backup segments being copied. As describedabove, this may include marking the bits for more than one logicalbackup object.

In addition, metadata for the applicable logical object may betransferred to the receiving storage node, e.g., the secondary storagenode. Thus, if the metadata is of the form shown at 133 of FIG. 13, thismetadata may be specified and advance the backup process. This metadatamay (or may not) be reformulated during backup for incorporation intothe logical backup object, such as reformulation into the form shown at134 of FIG. 13. In any event, this metadata may be used by the diskadapter 305, remote adapter 301 and/or the receiving storage node toaccumulate and organize the applicable physical segments associated withthe logical object being copied or backed up.

At a step 311, the protected segments are transferred to a side file ina cache. As this is done, requests for the transfer of the physicalbackup segments are logged into a request queue. As described above,this may be performed by a disk adapter of the primary storage node. Atthis point in time, the disk adapter 305 may also reset the applicableprotection bit of the protection bits 307 of the disk device 306,allowing future updates of the data.

The segments in the side file can then be transferred to another storagenode by the remote adapter 301, such as transfer to a secondary storagenode. This may be done be reading requests for transfer from therequests queue 304.

After the transfer (e.g., after the transfer has been acknowledged) theapplicable entries for the segment in the request queue in the side filemay be removed. Of course, this can simply be done by allocating thestorage as unused.

FIG. 32 illustrates one example of data flow in a backup process througha secondary storage node 320. In this embodiment, the data is initiallyreceived by front end processor 322. The front end processor may be asgenerally described above with reference to FIG. 27.

The front end processor 322 stores the received physical backup segmentsin internal memory 323 in files associated with the applicable entitybeing backed up. For example, if an abstract block set LBO #1 is beingbacked up, the physical segments are stored in a file 324 associatedwith that abstract block set. Where more than one abstract block set isbeing transmitted at the same time over a virtual channel, the front endprocessor may sort the applicable physical data segments into theappropriate file, e.g., files 324 and 325.

When a file reaches a certain threshold size, for example 10 megabits,the front end processor 322 may notify the back end processor 326 that asegment of the abstract block set is ready for copying to tape. The backend data mover 326 may then copy that portion of the abstract block setfrom the internal memory 323 to the tape library unit 321.

In the event that the internal memory 322 is an iterative cached diskarray, such as a Symmetrix, the physical back up segments may be copiedfrom the applicable file 324, 325 by the back end data mover 326 inlast-in-first-out order. This may be done to increase the chance thatthe data is copied from a cache within the internal memory 323, ratherthan from disk within the internal memory 323.

As described above, more than one abstract block set may be backed up atone point in time over a virtual channel. In addition, the segments ofan abstract block set may be written in fixed sized pieces. For example,if an accumulation file 324, 325 accumulates physical back up segmentsuntil a threshold size (for example 10 meg) is reached, the abstractblock set may be stored in interleaved segments of a tape. Thecontroller and control station (271 h and 271 g) can maintain a databasefor this information. In addition, the applicable information can bewritten to appropriate headers and trailers on the tape.

FIG. 33 illustrates one example of a tape containing backup informationwritten by a device according to one embodiment of the presentinvention.

In FIG. 33 the tape has a beginning portion 330 and an ending portion332. The beginning portion 330 includes the usual tape header 330 a, andperhaps a specific tape header for the secondary storage node 330 b.After the tape headers 330 a, 330 b, the tape includes interleavedsegments of abstract block sets (including metadata) 338, separated withfile marks. For example, the interleaved segments may include a record331 that includes a series of copies of physical backup segments 331 b.A segment header 331 a and segment trailer 331 c may identify andseparate this portion of the abstract block set from other portions ofthe tape.

Interleaved with the portion of the abstract block set that includesdata blocks 331 may be other abstract block set physical backup segmentrecords for this and other abstract block sets. In addition, a record333 may be written that includes abstract block set metadata. Thismetadata 333 a may be of any of the forms described above, or otherformats. As a part of the segment header information 331 a and 333 a,the applicable abstract block set can be identified, for example, usingan abstract block set identifier uniquely assigned to each abstractblock set. This permits identification and coordination of the recordsinterleaved on the applicable tape 330, 332.

At the end of the tape 332, a tape directory 334 may be written.Similarly, server tape trailer information 335 may be written. At theend of the tape, a tape catalog 336 and a secondary storage device tapetrailer marking the end of the tape 337 may be written.

Using a database of tapes, the applicable information may be retrievedfrom a backup tape. Because abstract block sets may include data blockswritten in any order, a restore process can efficiently retrieve andwrite the portions of an abstract block set being restored, in anyorder. This permits the storage management application to identify eachof the tapes that include portions of an abstract block set and to mount(and read all of the applicable portions of) those tapes only once. Ofcourse, the first tape to be mounted may be the tape that includes themetadata records for the abstract block set being restored. For thisreason, it may also be preferable to record the metadata at one end ofall of the segments of an abstract block set written on the tape holdingthe metadata—making the reading of metadata at the beginning processsimpler. This permits formation of the appropriate mapping table,described above, for the restoration process to proceed independent ofthe order in which data blocks are retrieved.

For the reasons described above, the reading and restoring of datablocks within an abstract block set can be done in any order. As aresult, where tapes are used and as a component of the secondary storageelement, the tapes can be mounted and dismounted in any order for bothstoring and retrieving data. As a result, where more than one tape driveis present in the secondary storage element, it is shown in theembodiments described above, data blocks can be written during backupand read during restore and parallel using multiple drives.

Referring to FIG. 14, parallel writing of data may be performed asfollowed. In this example, the updating of metadata (step 147) may beperformed entirely in advance. In this example, the metadata may be thephysical addresses of the data being read in a primary storage element.Accordingly, all of the metadata can be determined in advance of theactual backup process. Since this is the case, the steps 144, 146 and147 may be performed in parallel. That is, after the physical backupsegments have all been identified and the metadata determined (e.g., atstep 142), all of the data blocks may be read in parallel and written tomultiple tapes in parallel. In one embodiment, the last tape (which maybe randomly selected) can store the metadata at the end of all of thedata blocks that are part of the abstract block set on that tape.

One example of a parallel restore operation may be described withreference to FIG. 15. As described above, at steps 150-153, the mappingfor the restore of the logical object is determined. Where this restoreis coming from a tape, the metadata for the abstract block set can beretrieved in advance. As described above, after this has been done, theabstract block sets can be restored in any order. Accordingly, theabstract block sets may also be retrieved in parallel using multipletape drives for a restore. In this case, the steps 154-158 may beperformed in parallel using multiple tapes or other media) forretrieving data blocks of the abstract block set being restored.

In embodiments employing virtual channels, a separate virtual channelmay be established for each of the parallel paths for transfer of data.For example, a separate virtual channel may be established for each tapedrive. In another embodiment, a single virtual channel may beestablished, but permitting multiple tape drives to channel data intothat virtual channel. This may be particularly advantageous where thespeed of reading data from the tape drive is slower than the ability totransfer data from the secondary storage node to a primary storage node.Allowing parallel reading of tape drives permits the speed of therestore to approach the ability of the connections to transfer data andthe primary storage element to receive that data.

While many of the above embodiments have been described with respect tobackup and restore operations between a primary storage element and asecondary storage element, many aspects of the invention have muchbroader application. As just one example, an abstract block set can beused for any transfer of data. As another example, the application of asecondary storage node can be greater the simply backup and restoreoperations. Such storage nodes may also be used for hierarchical storagemanagement applications, operation of virtual disks, and otherapplications.

The various methods above may be implemented as software on a floppydisk, compact disk, or other storage device, for use in programming orcontrolling a computer. The computer may be a general purpose computersuch as a work station, main frame or personal computer, that performsthe steps of the disclosed processes or implements equivalents to thedisclosed block diagrams. The software may be included on a diskette asa complete system or as enhancements to an existing system, permittingthe system to perform the methods described herein.

Having thus described at least illustrative embodiments of theinvention, various modifications and improvements will readily occur tothose skilled in the art and are intended to be within the scope of theinvention. Accordingly, the foregoing description is by way of exampleonly and is not intended is limiting. The invention is limited only asdefined in the following claims and the equivalents thereto.

What is claimed is:
 1. A method of generating a backup for a logicalobject, comprising steps of: identifying data blocks of the logicalobject that have changed since an earlier point in time; and storing thechanged data blocks as a differential abstract block set.
 2. The methodof claim 1, further comprising a step of tracking whether a data blockmay have changed since the earlier point in time.
 3. The method of claim1, wherein the step of storing comprises steps of: storing the changeddata blocks; and storing metadata including information sufficient todistinguish the location in the logical object of the changed datablocks of the differential abstract block set.
 4. The method of claim 3,wherein the changed data blocks and the metadata are stored on the samemedia.
 5. The method of claim 3, wherein the changed data blocks arestored on one or more tapes.
 6. The method of claim 3, wherein themetadata comprises a plurality of labels, each label associated with oneor more of the data blocks and a table associating the labels with arelative position in the logical object.
 7. The method of claim 3,wherein the metadata comprises physical memory addresses correspondingto the location in a primary storage device of logical data blocks ofthe logical object.
 8. The method of claim 7, wherein the metadatacomprises a physical address associated with an extent of physical datablocks storing the logical data blocks, and a table specifying therelative position of the extents in the logical object.
 9. The method ofclaim 1, wherein the step of storing comprises a step of storingsegments of data blocks.
 10. The method of claim 9, wherein the segmentscorrespond to tracks of a disk in a primary storage device.
 11. Themethod of claim 9, wherein at least one of the segments includes a datablock that is not included in the logical object.
 12. A storage devicecomprising: a memory; means for identifying data blocks of a logicalobject stored in the memory that have changed since an earlier point intime; and means for transmitting a differential abstract block set fromthe memory.
 13. The storage device of claim 12, wherein the memorycomprises a cached disk array.
 14. The storage device of claim 12,wherein the means for identifying comprises a bit associated withstorage segments of the memory.
 15. A method of forming an updatedabstract block set, the method comprising steps of: providing a fullabstract block set; providing a first differential abstract block set;and combining the full abstract block set and the first differentialabstract block set.
 16. The method of claim 15, wherein the firstdifferential abstract block set comprises a plurality of changed datablocks and metadata associated with the changed data blocks; and thestep of combining comprises steps of adding the changed data blocks tothe full abstract block set, and adding the metadata to the fullabstract block set.
 17. The method of claim 16, wherein the step ofcombining further comprises a step of removing data blocks from the fullabstract block set which correspond to changed data blocks of the firstdifferential abstract block set.
 18. The method of claim 16, wherein thestep of combining further comprises a step of combining the metadata ofthe first differential abstract block set with metadata for the fullabstract block set.
 19. The method of claim 15, further comprising astep of providing a second differential abstract block set; and whereinthe step of combining comprises a step of combining the full abstractblock set, the first differential abstract block set, and the seconddifferential abstract block set.
 20. A method of forming an updatedbackup of a logical object, the method comprising steps of: providing afirst backup of the logical object; providing a first differentialbackup of the logical object, the first differential backup including aplurality of backup data blocks that have changed since the first backupwas formed; adding the backup data blocks to the first backup; andadding metadata identifying an order of data blocks in the updatedbackup.
 21. The method of claim 20, wherein the first backup is anabstract block set for the logical object.
 22. The method of claim 20,wherein the first backup is a second differential abstract block set forthe logical object.
 23. A secondary storage device, comprising: asecondary storage media; and a controller programmed to combine a firstbackup and a differential abstract block set to form a full abstractblock set.
 24. The device of claim 23, wherein the first backup and adifferential abstract block set are stored on the secondary storagemedia.